To death and taxes, it’s time to add a third inevitability of modern life, circa 2023: cyber sabotage.
“Cyberattack” doesn’t do the phenomenon justice. “Attack” suggests threats that seemingly come from on high, leaving victims feeling powerless to redirect or dodge the vectors that potentially threaten the viability of their business. For my part, “sabotage” reshuffles the deck, folding in culpability and moving away from a more passive business-as-usual mindset.
Cyber assaults are infernal, but cybersecurity doesn’t need to be inscrutable. Just as any disciplined athlete works his or her way into fighting trim, smart organizations have to lean into the challenge and emerge intact, if not stronger, by implementing policies and procedures that comprise an efficient cyber-sabotage strategy. This isn’t a case of sighing and saying “nothing can be done.” Whatever transpired, every SMB can do more before, during and after the sabotage than the company may realize.
At the risk of oversimplifying, that strategy comes down to five words: Discover. Isolate. Communicate. Analyze. Fix.
SMBs can benefit from an experience-based template that both leverages behaviors/learnings and extrapolates for that inevitable “next time.” The template should focus on these kinds of actions and attitudes:
- Discover both the issue and its source: what actually happened, where and how it arose, who was most affected, etc.
- In the wake of an incident, retrace your steps: internally, with an eye toward identifying points of vulnerability, seen and unseen; and over time, externally as well.
- Communicate immediately, clearly, consistently and with humility. Understand the various audiences, plural, then identify and deploy multiple channels of communication (Twitter, DM, email, etc.) to reach them effectively in real time.
- Be ruthless about fixing anything that may have been (or may still be) broken, including established and ostensibly “proven” procedures and processes.
- Gather actionable data: audit security procedures thoroughly. Codify your learnings; enlist appropriate third parties, as needed, all in service of stopping or averting future incidents.
Make no mistake: calamities occur. With a “security-is-a-process” mindset, it’s far easier to react without overreacting. Businesses get blindsided every now and then; living to tell about it is less a matter of luck than of situational awareness, which is rarely an accident.
So what’s the easiest way, the institutional way, to bake situational awareness into the pie? One underappreciated facet of this dynamic involves getting help: all-hands-on-deck type help (aimed at things like root cause analysis and even forensic analysis), if that’s what it takes. For businesses committed to shutting down sabotage, inviting third parties into the conversation isn’t entirely risk-free, whatever their level of experience.
“Not invented here” thinking really is a thing, potentially complicating matters inside organizations that may be wary of perspectives that didn’t emerge internally. Looking outside comes only once the organization has retraced its steps repeatedly and has obtained an intensive, data-driven understanding of what just happened, and then shares that with its chosen third party. Hardening security at that point is not only smart; it might actually work.
By definition, post-mortems examine what went wrong, where the source(s) was, and what key elements and processes were compromised, but they also have to be forward-looking. What did remediation look like this time, and how can actions you take now avert a possible recurrence? Are management and monitoring changes warranted, and if so, how significant do they have to be? Is there a risk of over-correcting? How is the data itself (has anything been accessed, encrypted, copied, exfiltrated, deleted)?
The M.O. for each small business should be embracing triage in a way that uninvites drama and replaces it with control. Just internalize the mantra: Discover. Isolate. Communicate. Analyze. Fix.