Why is it Important to have a Cyber Security Plan in place?

By The North West Cyber Resilience Centre

Cyber attacks can be incredibly disruptive to your business. While media attention about cybercrime focuses on larger organisations, it’s important to remember that the vast majority of cybercriminals are indiscriminate – any company that works online or sells online is a potential victim.

We often hold an image in our heads of cybercriminals as using sophisticated and expensive equipment, the reality is often free and simple. Common techniques used by cybercriminals today include:

  • Phishing – where hackers sending emails in an attempt to gain sensitive information or encourage the recipients to visit fake websites to extract data.

  • Ransomware – this is deploying malware that will encrypt and deletes your data. Often used as a tactic to extort money from companies, with a promise of returning your data (which is not always the case).

  • Impersonation – hackers set up a false website or compromising a legitimate website to exploit visitors.

  • Scanning / Social Engineering – searching the web for vulnerabilities of companies or individuals to exploit.

To combat all of these threats, businesses should always consider having a cyber security plan. The most disastrous of these threats is ransomware, this can be truly devastating not only from financially, but have a major impact on your mental health. 

Last year Redcar and Cleveland Borough Council's website and computers at the authority were attacked. This attack saw more than 135,000 residents go without online public services for nearly a week, as their council struggled with a cyber-attack.

You may have seen in November, that Manchester United announced they had been subject to a cyberattack that targeted their systems. Cybercriminals launched a sophisticated operation that caused an IT disruption, involving highly sensitive information about the club.

Before launching ransomware attacks, cybercriminals can spend days, weeks or months inside a victim’s network, working to identify their defences and assess what the organisation could be worth, so they can maximise the impact of the attack.

As remote working from home increases, businesses have an increasing reliance on technology. 

Planning for a cyber attack should be considered just as – if not more – important than planning for a flood, fire or other disruption. Business continuity plans should be stored offline and regularly updated and tested.

Related Posts

Subscribe to our newsletter

Sign up here