Explained: The 6 steps you must take in the event of a cybersecurity failure
SNG Grant Thornton discussed how to prevent or minimise the impact of a data breach.
The Fourth Industrial Revolution brings with it a greater reliance on information technology and cybersecurity, all of which come with their own risks and opportunities. Organisations now more than ever need to invest in solutions that detect, isolate and block cyber-attacks.
Just a few months ago, City Power was hit by ransomware, which is a type of malware that targets your data and can be purchased for as little as $39 (R583) on the dark web.
Speaking at the Finance Indaba, Kudakwashe Charandura, director of Cybersecurity at SNG Grant Thornton, revealed the steps companies must take to prevent or – if that fails – minimise the impact of a data breach.
First, companies need to define and implement a data breach policy that identifies an incident response team (IRT). From there they must review their information systems and pinpoint where sensitive information resides in the system. The next step is to conduct a risk assessment process to identify potential data leaks. This process is called implementing information security controls (SEC).
To make sure that their system is always safe, they need to continuously monitor for sensitive data leakage and loss. Lastly, organisations need to frequently conduct privacy and security awareness training as part of an ongoing training and awareness programme.
These are the six steps that should be taken after an attack happens:
1. Review and validate the cyber attack;
2. Activate incident response policy;
3. Deploy cybersecurity and forensic specialists;
4. Notify law enforcement agencies;
5. Determine how and when to notify affected individuals; and
6. Lodge a cyber-insurance claim, which is a bit pricey.
SNG Grant Thornton believes that cybersecurity should be treated like an onion: adding layers upon layers of security controls around your data, making it difficult for cyber criminals to breach your system.
In addition, they suggest that cybersecurity should be embedded in people, processes and technology. With people, it is necessary to do security awareness training as often as possible, and processes, policies, procedures and standards need to be taken more seriously.
The SNG Grant Thornton cybersecurity suite
The company provides global intelligence-led cyber services informing organisations about their current level of cyber risk. They also offer specific, pragmatic and actionable advice to improve their cybersecurity posture and help manage security incidents.
In addition, they assist in identifying and mitigating potential risks and help you avoid expensive mistakes, data leaks and hacks.
Kudakwashe shared how different cybercrime is from any other normal crime, because it happens in milliseconds.
“When it comes to cyber, our way of thinking should be different. Companies need to have a standby forensics person, just in case an attack occurs.”
Also participating on the panel was Alfred Sambaza, director of forensics at SNG Grant Thornton, who added that: “In terms of verification process, the weakest point is usually on the side of the human being.
“Changing simple practices in our personal lives will convert in us protecting the digital assets in our organisations. Simple things like logging off from our computers properly and closing sensitive windows on our mobile devices will help.”
Cyber-attacks in South Africa run into the billions, and attacks that can happen in Europe can even trickle down or spread to systems in South Africa. And if you’re worried about the cost of their solutions, don’t be, because they come in bespoke packages that cater to your specific budget as an organisation.