27.11.2018

WANT TO BET THAT YOU HAVE A SECURITY GAP SOMEWHERE?

Companies are attacked by cyber criminals every week. Here are seven key recommendations on what to do before and after an emergency.

Clarify who is responsible

Ultimate responsibility must lie with a member of the management or Executive Board. This also makes it easier for staff in IT and Compliance to assert themselves against colleagues.

Attacks via email and telephone 

Numerous well-publicized examples have put the focus on cyber attacks. But do not forget that companies are still constantly defrauded via email, telephone and fax. Give your staff regular training to ensure that they are aware of the risks.

Clear procedures in an emergency

Define now who will be responsible if damage occurs. In addition: Who needs to be notified immediately (both internally and externally)? Who are the internal and external points of contact for staff, customers, suppliers and media inquiries? Does a law enforcement agency need to be informed?

After a cyber attack

In order to prevent damage from spreading, for example by a virus, everyone who is potentially affected needs to be informed immediately. This includes developers, suppliers and customers. If third parties have also suffered significant damage, the company that was attacked has to prove that it had taken all feasible protective measures in advance and implemented all necessary security measures once the damage event occurred, in order to limit the damage for itself and third parties.

File charges

Attacks relevant under criminal law include the following: An unauthorized person has logged into the system, large amounts of system resources are suddenly being used, malware is identified or large quantities of data from one or more senders are flooding the system.

Document the damage

Cyber attacks can cause enormous damage. The resulting costs must be documented carefully. The same goes for verification of the measures taken to mitigate the attack.

Inform the insurer

If the company is insured against this kind of damage, for example with cyber insurance, the incident must be reported to the insurer or agreed service provider immediately.

Further information

VDMAimpulse 05-2018 "Cyber security versus machinery safety" | VDMAimpulse 05-2018 "Action is needed now"
