Cybersafetyconnections February 20, 2023 Vol#106
- Back to basics of cybersecurity for before and after a data hack or breach.
- Risk assessment and staff training are where to begin the cybersecurity trip.
- 3 steps for before and after data breach as per 2 cybersecurity experts.
Back to Basics
Back to our regular cybersafety space. The scope is on the three basic things you can do Before and After a cyberattack according to experts in the “putting out fire space”. This blog is based on the article How to prepare for a cyberattack.
As mentioned, many times, it is not IF but when you may become a victim of cyberattacks and the cybercriminals have no respect for the size of the company. Just because it is a small organization does not mean it is safe from cybercriminals. Smaller businesses are more at risk of going out of business due to cyberattacks.
Risk Assessment
Online pictures powered by Bing
According to 2 cybersecurity experts the first step is risk assessment which was already discussed in several blog posts. Here are links to some blog post.
Five Cybersecurity Game Plan- #3
The Start of Before and After Breach Coaching
Risk assessment involves checking out the organization’s technology, infrastructure, processes, and security controls to identify where the organization may be at risk and the possible effect of a data hack or breach. This process is likened to identifying your valuables and making arrangements to keep them safe.
In addition to risk assessment, training employees to recognize external attempts by cyber criminals to hack into the company’s internal systems is recommended as a great way to achieve the cybersecurity goal. This involves training and testing employees in areas like phishing. Phishing is when cybercriminals try to obtain sensitive information by sending emails with links or attachments. By clicking the link, you may be redirected to the fake website for you to enter sensitive information, or when the attachment is opened, malware is downloaded and infects your systems.
Before and After cyberattack
Ransomware attacks may result from downloading malware. The malware locks your computer and denies access to your computer and computer resources then demands payment for the release of your systems. When that happens, here is what you can do;
1. Change internal communication channels
It is recommended that employee communication channels be moved to a safe, secure channel that is not been monitored e.g. Signal and wire. There has been an instance of cybercriminals gaining unauthorized access to Slack to spy. Switching communication channels may prevent cybercriminals from infiltrating the organization and learning the company’s plans to get back into the business.
2. Cybersecurity insurance
Companies of all sizes are encouraged to get cybersecurity insurance which can be very helpful if there is a ransom demand. The best type of insurance is those with teams that can help in the negotiation with hackers and handle internal communications with employees and customers.
3. Know your valuable assets
Know your intellectual properties that would be awful to lose and how to keep them secure. Also, be ready and prepared to take action in the face of a cyberattack.
Subscribe to get the latest blog post.
Your CyberSafety Advocate 