The Business Continuity Institute recently reported that two thirds of organizations surveyed had experienced at least one cyber incident in the past twelve months and that 15% had experienced at least 10 incidents during the same period. The study went on to explore response times and incident costs.
The BCI study found that response times for the cyber incidents varied.
- 31% of organizations said they responded to incidents within an hour.
- 19% took four hours or more to respond to a cyber event.
- While 44%, so almost half of organizations, took more than two hours to respond.
This lag in time to respond to a cyber threat is an indication of how long it takes businesses to get back to doing business as usual. Obviously, the longer the down time, the higher the costs for organizations. If a business doesn’t have access to their network for more than an hour that means executives won’t have access to data to help customers, customers won’t have access to the company for assistance or services and business partners suffer from not being able to take care of day to day operations with the organization.
When we look at what the study found as the top cyber disruption causes for the past 12 months, we find that phishing and social engineering attacks were the reason for disruption for over 60% of organizations. While 37% of organizations were hit by spear phishing. They also found that 45% of businesses were hit by a malware attack and 24% by denial of services.
The downside to these types of attacks is business disruption due to a contaminated or inoperable network. Sometimes the internet connection needs to be switched off until organizations can secure their connection or their website gets taken down. These two scenarios render a business invisible to consumers in this digitally connected world, which is something no business wants. One of the solutions to avoid a lengthy disruption of operations is a business continuity plan (BCP).
Having a recovery plan for cyber threats reduces high costs because it helps to ensure that communication between employees, customers and suppliers takes place rapidly. Effective and seamless communication is essential so that everybody within the organization knows what steps to take when dealing with a cyber intrusion, which in turn will reduce the time it takes to remove the threat. Also, with a BCP, organizations will have put in place the proper precautions to allow for the quick recovery of needed data to keep business going as usual while the threat is being taken care of. It also avoids the spread of contamination to other areas within the enterprise, which is also very important to protect further data from being threatened.
Essentially, if businesses hope to reduce incident response times and costs they should have a recovery plan set up. A plan that has been designed with their organization’s data system and business operations structure in mind. Sure, organizations can get a set BCP template, but that type of plan won’t take into account the unique components each business is made up of and functions with; such as their specific servers, cloud provider, employee and executive communication setup, and third party business partners, and so on and so forth. On the other hand, when a business takes the time to get an assessment that identifies these specific components and creates the BCP accordingly; only then, can the organization be sure nothing is left behind.
You get what you invest in and if businesses really want to reduce incident response times, breach costs and downtime; then they will want to invest in the right business continuity and recovery plan for their business.
Photo courtesy of buttet