Are you Ready for a Cyber Attack?
I was in North Carolina last month when the Colonial Pipeline was hacked. I was amazed at the panic that ensued – drivers filling up cars that didn’t need to be filled up yet, waiting in line for hours, creating traffic jams around gas stations. I’ll admit I was a little worried. I had about 200 miles left to drive and just about a ¼ tank of gas.
I was lucky. I found a gas station in a very rural area that had received a tanker in the middle of the night. It got me to Charlotte. But then I was unable to top off before returning the rental car because nearly 80% of Charlotte’s gas stations were closed.
Could this have been prevented? I’m sure someone is looking into that. But the public response could have been different. Unlike the gas shortage of the 1970s, the gas supply was safe. It was the distribution that was being interrupted. But that message was not clearly communicated.
Whether your company is attacked by criminals, a disgruntled employee or a teenager in his basement testing his skills, the impact can be devastating. It can unquestionably cause a disruption in your business; but it also can negatively impact your reputation, your stock price, your competitive position in the marketplace and may result in expensive lawsuits.
Absolute cyber security is probably not realistic. So, be prepared. Know whose responsibility it is within your company. (Hint: It is not just IT.)
Have a response plan.
Who are the stakeholders that are affected? Customers? Suppliers? Shareholders? Employees? Investors? Board of Directors?
Who is responsible for getting the word out? CEO? PR Department? Legal/Risk Management? Chair of the Board? (If you don’t have people prepared, other people will tell the story for you – and you may not want that.)
What information needs to be communicated immediately? What can wait for an investigation?
What resources do you have to get that information out? Key media? Business partners? Employees? Social Media?
You know what a cyber attack can do to your business – whether it’s stealing customer data, accessing your intellectual property or disrupting critical infrastructure. No matter what business you are in, you are vulnerable. So, don’t wait for it to happen to create a response plan.
[Need help creating an incident response plan? Contact Volterra Communications.]