Firms do smart things to help them become resilient. They create business continuity plans, cyber playbooks, terror playbooks, they employ mass notification and document sharing technology and then they take all this good stuff and do something really dumb. They put it in a real or metaphorical box marked ‘Crisis Use Only’.
If Shutterstock are to be believed, then hackers are men in their early twenties wearing hoodies, sometimes paired with some supervillain leather gloves and a balaclava.
“Have you tried turning it off and on again?” The iconic catchphrase from The IT Crowd struck a chord with misunderstood IT professionals everywhere, because in so many organisations the role of the IT department is misunderstood. Cyber security is often seen as something for “IT” to worry about, not sales, marketing, HR or any other department. However, in order to have watertight defences (or as close to that as possible), all staff need to be engaged in a data security culture.
Managing the fall out of a data breach is a team effort, making communication vital. Every employee with an email address can be targeted by increasingly sophisticated phishing scammers - making the protection of an organisation’s data the responsibility of everyone, not just the IT department.
WannaCry was the breach that catapulted cyber security into the headlines last year. The NHS, an organisation close to our hearts and an integral part of our country’s infrastructure, experienced a cyber attack that brought it to its knees. However, the most significant impact of the breach was on public confidence in UK institutions’ ability to defend themselves against hackers.