Awareness of cyber security is growing rapidly in the public and government sectors as companies learn that their networks are vulnerable to cyber attacks. It is a hot topic these days at the Management Association of the Philippines forum on “Cyber Resilience-Board room priority.”
The agreement is that the Information and Communications Technology (ICT) department alone cannot handle all cyber security attacks. Therefore, it is advised that every employee with a C-level executive board room priority. Cyber Resilience.
Organizations must prepare themselves in earnest for these inevitable cyber attacks, and a vigorous bounce-back is required in response.
Many questions arise as to how senior executives can be actively involved before, during and after the attacks, and how a strong and effective response can be instituted.
- What threats does a company face from a cyber attack?
- How vulnerable is the organization? Which attacks are likely to succeed? And, most importantly, what kind of data and access is at risk?
- To be precise, how extensive and aggressive must your cyber security be?
- Which persons/executives are responsible for monitoring and assessing the program? Which confidential documents and assets must be protected by all means, and for which is any compromise intolerable?
In many foreign and US states there are laws governing personally identifiable information (PII). These include requirements for notification when PII is compromised.
The Chief Privacy Officer (CPO) is responsible for designing, developing and implementing features to protect individual employee and customer data from unauthorized access. This process works in conjunction with other executives, such as the Chief Human Resources Officer (CHRO), Chief Customer Officer (CCO), Chief Operations Officer (COO), Chief Information Security Officer (CISO) and, lastly, the Chief Executive Officer (CEO).
The key to implementing a strong security protocol throughout an organization is how efficiently its people coordinate their processes before, during and after a cyber attack.
A committee must be set up to handle all cyber attacks, and this is the responsibility of the highest governing body of the organization. If your company does not have one yet, consider establishing one.
The purpose of this committee is to determine how extensive the cyber security must be. It should also determine how consistently and aggressively the program will be monitored in the organization.
The members of such a cyber attack response team include personnel from various departments within the organization: ICT (impact on computerized systems), Marketing (public communication), HR (internal communication) and other executives.
A detailed assessment can help determine, through threat analysis, whether you have been breached in the past or are currently under attack.
During a breach, the biggest concern is to take control of the situation. An active and swift response can remove the hackers and help you return to normal operations as soon as possible. This is what “Cyber Resilience” is.
The most important thing in avoiding such attacks is identifying the loopholes in your framework and rectifying them on a regular basis.
Consulting your legal counsel, public relations and stakeholders at every step is also good practice, to determine what is required of you under existing laws.