Cyber security is a topic that more and more businesses and individuals are becoming aware of, whether they have faced an attack at work or experienced a hacked social media account in their personal life.
Click play to watch back and get practical tips on:
What is a cyber incident response plan, and how can I improve business resilience to threats?
What are the legal implications of a cyber incident?
How can BrightHR help me embed my incident plan in practice, and what other policies should I consider?
What should a cyber incident plan include?
Our Cyber Incident plan includes four key areas:
Preparing your checklist - This is so you can prepare for, respond to and recover from cyber incidents.
Make sure you have weekly IT security checks
Make regular backups of your computers and any key data
Ensure you test your response plan. Having a plan is a great step, but you should also test it to make sure your staff know how to respond during an incident.
You should have an emergency contact list - this should include staff names and contact details, along with key emergency contacts and customer and supplier details. Keep both a digital and a printed copy of the document in a safe place.
Incident response communications cover the core questions you should address when planning for or dealing with a crisis. Before an incident occurs, think about who, what and how:
Who is included in your response team? Who are they communicating to?
What are the immediate actions you need to take?
How are you going to continue with your business if critical systems are offline and staff can’t work?
We also walk you through the legal implications of an incident - it’s crucial to respond appropriately to any incident and mitigate the risks arising from it. Our document breaks down the decisions you need to take during and in the aftermath of a cyber incident to enable you to navigate out of choppy waters with minimal damage.
Who should have access to the company plan?
Share your plan with staff who feature in your incident response team and make sure they’re aware of what is expected in their role.
Ensure that they have a delegated deputy if they are away or sick - cyber attackers often do their research to exploit times when key members of your business are away. It’s important that cyber attacks don’t prosper because you are reliant on a handful of people. We all need our holidays, so make sure everyone knows what to do during those popular summer, Easter and Christmas breaks.
Implement staff training alongside your policies and plans so staff are confident in reporting an incident or attack when they see one. If a member of staff receives a phishing email or mistakenly clicks a link in an email they thought came from a colleague - do they know the right process?
Staff shouldn’t be scared of the consequences of making mistakes; it's all about educating them so they know what scams and attacks look like and when to report them.
Don’t forget the customer-facing side of a cyber incident: you are likely to need to respond via a crisis communications plan or PR plan.
Make sure your social media and communication teams know what they’re going to put out.
Have draft responses for a variety of scenarios and timeframes.
Make sure you have content ready to publish on your website, with FAQs and contact information for customers, stakeholders and suppliers to use.