Russell McVeagh has today launched a new ‘Cyber Attack Toolkit’, which describes a model on how to prepare for, and how to respond to, a cyber attack. The step-by-step guide covers three key elements: the roles and responsibilities of a cyber response team, the eight steps towards cyber attack preparedness, and how to respond to an attack – including the technical response, managing external communication and making or defending legal claims.
The booklet has been published by the firm’s Information Communication and Technology (ICT) team, who advise on the full spectrum of ICT matters for the private and public sector.
Cyber attacks are occurring constantly and all organisations, big and small, are targets. Responsibility for cyber attack prevention and cure should not lie solely with an organisation’s IT department, or with IT providers – instead, management teams should understand the risks and have devised and implemented an appropriate cyber resilience programme across their organisation. Anyone who has access to IT systems and data presents a vulnerability that could be exploited by a would-be hacker, and therefore, everyone in the organisation should be concerned with being cyber attack prepared.
The booklet outlines ‘eight steps towards cyber attack preparedness’ and these are explained in the well-designed, easy-to-digest Cyber Attack Toolkit. The eight steps include:
- Making an inventory of critical IT assets;
- Assessing the risks and understand the practical impacts of a cyber attack;
- Setting the standards and determine the standard of reasonable protection;
- Doing a gap analysis of current practice;
- Ensuring appropriate documentation and contractual arrangements are in place;
- Making and implementing a plan to rectify current deficiencies;
- Planning for an attack;
- Testing organisational response and continually adapting to changing circumstances.
The ‘How to respond’ section of the booklet details ‘three 'C's of a cyber attack response’: Correct, Communicate, and Claim. Advice includes how to leverage contractual rights, who needs to be advised (and what and how they should be told), and then after the dust settles, how to determine what kind of claim an organisation may be able to make (and what claims may be made against the organisation).
The Cyber Attack Toolkit is available by request. Please email us to request access to a complimentary copy.
For further information, please contact:
Marketing and Communications Manager
T: 09 367 8245
M: 022 675 2702
E: [email protected]