Editor’s note: this article was written last year in conjunction with RiskLogic’s Cyber-Awareness campaign. We are re-publishing for 2017’s Cyber awareness month.
The Business Continuity Institute brings you another year of stats to help really put into perspective what the issues facing organisations are. Here is a break down of the 2016 Cyber Resilience Report. These numbers were researched and put together by Senior Communications Manager, Andrew Scott CBCI.
As I mentioned last week, BDO had stated in their cyber awareness workshop that one organisation would receive on average 17,000 attacks in 2016. By 2020, this is going to cost companies a staggering $3 trillion USD.
The frequency of these cyber incidents demonstrates why it is important for organizations to have plans in place to mitigate against these kind of threats, or to lessen their impact.
This has clear implications for the time taken to return to business as usual, and the ultimate cost of the incident to the organization.
Even if organizations wish to respond immediately to a cyber attack, the nature of the attack may render them unable to do so.
All these forms of attack will, in different ways, render an organization’s own network either contaminated or inoperable. An example of a company in New Zealand who a few years ago disappeared off the face of the earth reiterates this.
They had realised one afternoon someone was in their system, just sitting there waiting (which can be more worrying than if they’re actually attacking). The organisation took the first meaningful step and completely disconnected the whole business. 150,000 customers were contacted to change their passwords. Over two weeks the IT team rebuilt the company up from scratch. Confident that no hacker could get back into something completely rebuilt like this, they gained the stakeholders trust and invested millions into fixing this as soon as possible. On a Friday afternoon at 4:30pm, the business was ready to switch back on. Once they had, their CIO had been informed that the hacker was there again, waiting, back in the systems. His inevitable attack lead the company to loose a further couple of million dollars and send them to bankruptcy.
David James-Brown FBCI, Chairman of the BCI, commented: “This piece of research is one of the most timely, insightful and relevant the BCI has ever produced. Cyber attacks tend to target the weakest links of an organisation, and this calls for a greater awareness of ‘cyber crime’. As the cyber threat evolves, it is crucial to stay on top of it, building long-term initiatives and regularly updating recovery plans.”
Rickie Sehgal, Chairman of Crises Control, said: “Rapid communication with employees, customers and suppliers is vital for any company in terms of responding effectively to a major business disruption event such as a cyber attack. When your business is at risk, even a one hour delay in responding to an incident can be too long. Taking more than two hours to respond, as almost half of companies do, is just unacceptable.”
RiskLogic offers a comprehensive training course on cyber resilience and how your organisation can remain prepared and secured for when an attack occurs. Our experienced and credible consultants are well prepared and ready to assist you in your cyber journey. Contact us now to arrange your obligation free consultation.
RiskLogic and Briggs Communications are excited to announce their new partnership in delivering crisis preparedness, response and recovery services. Together, they bring combined expertise in specialist crisis management, crisis communications, emergency management, strategic response, and business continuity.
While both companies will continue to provide services independently, both saw the synergy to work collaboratively in providing comprehensive end to end services to their existing and future clients.
Josh Shields, Co-CEO of RiskLogic, says “Our partnership with Briggs Communications further helps to deliver on RiskLogic’s mandate to provide a truly immersive and world class crisis management experience for our clients. Our combined expertise and broad reach is already helping clients to build an unmatched response capability and ensure their ongoing success, no matter what the challenge”.
Briggs Communications is a specialist Crisis Communications company. They prepare their clients to manage the online and traditional media response during a critical incident. Allan Briggs, Managing Director of Briggs Communications stated the “Perception is reality. Having the right message to the right people at the right time does not come with luck, but through planning, training and testing. We look forward to partnering with RiskLogic and the positive impact this will have on our clients”.
For more information please contact:
1300 731 138
As we all know, training provides employees with the opportunity to expand their knowledge base and build credibility within their organisation in a particular field of expertise. Unfortunately, people are often too busy to take time away from the office for self-improvement. However, with Business Continuity (BC), the benefits of development expand further than the individual and could be the key difference between organisational survival and failure. Organisations that do not invest in valuable Business Continuity training leave themselves vulnerable to serious financial, operational, reputational and regulatory consequences.
Can they afford the time away from the office? Is it really worth the money? Well, for the Business Continuity Institute (BCI) Good Practice Guidelines Training Course, the answer is yes and here are 5 reasons why:
1. Training costs a lot less than a major disruption
The small cost of training Business Continuity professionals are a fraction of the cost of mismanaging a major crisis. Disruptions can significantly impact your business and affect operations if your staff are not properly prepared. Downtime means reduced sales and potential losses of revenue. BC training prepares staff to react and respond to incidents and keep business operations going. Maximising the chance of a successful recovery by empowering your people to respond under pressure is a good investment.
2. You’ve presumed your people already know what to do in a crisis
Even the most experienced leaders cannot be expected to know exactly what to do every time in a crisis. Without proper training and exercising, each person is left to react in their own way, leading to hasty decision making and confusion during an event. Managers who understand their roles and responsibilities in a crisis is the key to ensuring prompt and efficient action is taken to minimise loss.
Preparing, conducting and reporting a Business Impact Analysis (BIA) helps to determine and evaluate the potential effects a disruption would have on critical business operations. Unfortunately, without proper training, often BIA’s are poorly completed or misaligned with business objectives which make the preconceptions unreliable. The BCI Course equips participants to return to your organisation and identify the current business functions, assess criticality, timeframes and key dependencies to create a valid BIA plan.
4. You think you’ve prepared for every business disruption
In the last 2 years, 80% of organisations surveyed in the BCI publication “Supply chain trends: past, present and future” experienced disruptions due to unplanned outsource supplier failures. 5% lost around $15 million in revenue, 33% reported concern around brand damage, 35% had little or no supply chain resilience and 75% still admit they’re not prepared today. Occasionally it can be someone else’s disruption that ends up becoming your problem. Therefore, professionals who are responsible for purchasing, supply chain management, contract management and procurement require necessary training to become more knowledgeable and equipped to formulate adequate contingency plans for their supply chain.
5. One Business Continuity plan does not fit all organisations
An organisation specific BC plan is critical for any recovery strategy as a BC plan that fits one company won’t be appropriate for another one. The course provides practical guidance and assumes that the most useful plans are those developed by those who are going to use them and in the context of managing the sort of incident in which they will be used. Investing in training provides your people with the skill set to write a BC plan that is detailed to your organisations operations.
To help your organisation prepare for a crisis, RiskLogic offers a three-day, fast-track BCI Good Practice Guidelines Training course. This introduction to the world of Business Continuity provides participants with the basic knowledge and understanding required to develop or maintain a robust Business Continuity Management (BCM) program. To find out more, please click here.