Everyone knows cyber attacks are happening all the time, and many businesses are deploying defence solutions: bristling firewalls, defence training for staff, risk reviews. But the cyber attacks keep coming. According to the Verizon Business 2021 Data Breach Investigations Report 85% of breaches involve a human error – the system doesn’t fail, the people make mistakes. Then the real problems begin, because way too many organisations, particularly small businesses, don’t have an effective plan to respond to an incident when (not if) it happens.

The delusions:

We’ll deal with it when it happens

Once the incident has exploded its way to late to work out how to deal with it. Dealing with a cyber attack requires putting things in place before it happens: the right backup, how to shut down access to compromised data, who to tell, and who to make decisions, how to save the company reputation, ability to contact clients, ability to conduct all business. These are not things you can make up as you go.

We’re a small business, we aren’t a target

This is one of the scariest delusions I hear. In fact small businesses are mostly more vulnerable, not less. This is because there are so many of them, they have access to most of the people who can be tricked by scams, they mostly have less resources for very sophisticated defence. Don’t fool yourself, if you run a small business you are very exposed to attack.

We have cyber insurance, that takes care of it

Really? Cyber insurance is good to have, but how much insurance do you need to cover a trashed business reputation? Most of the cyber insurance I have reviewed won’t restore everything lost in a cyber attack, and many are so full of exceptions they are not worth it.

We have a really expensive firewall, nothing can get past it

Unfortunately, most cyber attacks don’t come through the firewall, most attacks are triggered from inside your business by a staff member making a mistake.

The bottom line?

A well planned incident response is an essential business tool and can’t be invented on the fly. Don’t wait, do it now!

If you would like a chat about any aspect of your IT, feel free to call/email anytime.

Leave a Reply

Your email address will not be published.