These days, cybersecurity is the talk of the town. You can’t look at the news without hearing about an attack, a threat or an online security breach. Surely, companies and businesses are prepared for the risks and ready to charge head-on when an attack inevitably presents itself, right? Right? Cue the sound of crickets.
The Future of Cybersecurity in Asia Pacific and Japan 2024 Report by Sophos has highlighted some concerning facts on incident response planning. Those facts should be enough to have business owners and execs shaking in their boots.
One worrying statistic highlights that 75% of organisations said they created or implemented a plan only after their company experienced a breach. Here’s another one: Only 23% of companies felt they had a clearly understood response and communication plan. Feeling sweaty yet? It gets better – or worse. 29% reported having no plan, which would leave their company scrambling to respond if and when a breach occurred.
So, when cybersecurity is top-of-mind for so many of us, why are so many still unprepared or scrambling?
She’ll be right attitude
Australians are notorious for the ‘she’ll be right’ attitude. No worries, mate. Hey, there’s no problem with a positive attitude. The challenge is that we see too many small to medium local businesses assuming it won’t happen to them – even though we know that 43% of cyber attacks target SMBs.
We have to shift the culture so that companies don’t live in fear, but they are prepared. Aussies have had their fair share of disasters in the last few years, and the cost of being unprepared can drastically affect your business recovery.
Cyber fatigue and burnout
Skill shortages and staff shortages impact cybersecurity. According to The Future of Cybersecurity in Asia Pacific and Japan 2024 report, 85% of companies stated that they experience fatigue and burnout among their cybersecurity and IT professionals, with 1 in 4 experiencing the issue frequently and 62% experiencing it occasionally. Unfortunately, this issue has increased, with 90% of companies stating burnout and fatigue increased in the last 12 months and 30% reporting it has risen significantly.
This burnout can be due to the lack of resources, insufficient staff, and pressure from ever-changing regulatory, legal and compliance obligations. IT teams are overwhelmed with alert overload and ever-evolving threats that seem impossible to keep up with. When IT and cyber professionals are inundated with business-as-usual (BAU) tasks, it’s easy to see how an incident response plan can slide to the bottom of the to-do list.
Lack of accountability
The Sophos report shows that around 51% of boards truly understand cybersecurity. This result has risen from the previous report. While this is a positive, the pressure on IT and cybersecurity professionals is still mounting. In many organisations, there is also the question of who manages cybersecurity. Depending on the company size, it could be the owner, the operations or business manager, the CFO, the Ops Manager or the IT Manager.
9% of organisations surveyed said the responsibility is shared across multiple roles rather than having a single cybersecurity leader. Here at Colton, we know that cybersecurity is everyone’s responsibility; however, without clear accountability, it is easy to see how implementing a solid incident response plan can slip through the cracks.
OK, enough of the doom and gloom. Let’s get to the solution!
How do you create a solid incident response plan? Here are five ways you can reduce the chaos and back yourself, your company and your staff:
1. Clear communication
Communication is everything! There is no point in creating a plan that no one knows about or understands. You need to ensure everyone knows the plan, from the board to the janitor to the barista. It needs to read well so that the average person can understand it. Get feedback from different departments. Update the plan regularly. Colton Computer Technologies can assist you with ensuring your incident response plan is solid and current.
2. All hands on deck!
Take an organisation-wide approach. All staff and all departments should be aware of this plan and its prevention and action steps. Every employee is responsible for the emails they click on and every bit of information they come across. Jane from marketing is just as responsible for the security of your business as John from IT. With all hands working together, you’ve now got an army defending your organisation, and it takes some of the pressure off your burnt-out cyber and IT team.
3. Awareness drills and training
Cyber awareness and training are great ways to get your organisation cyber-ready. From onboarding to regular company-wide training, this can go a long way to preventing an attack or recognising the signs and what to do if one occurs. Knowing who to report to or what to look out for in an email can be the difference between making or breaking your company. Just like a company has regular fire drills so you know how to escape a burning building safely, a cyber drill should also be put into place so that you mitigate the risk of data being compromised.
4. Resilience strategy
Business continuity is a big deal! In the case of an emergency, how will your business adapt and continue to operate? You need to map this out within your incident response plan. How your business performs and represents itself in the wake of a disaster can impact the longevity and reputation of your business.
5. Get outside help to manage threats
If you are managing cybersecurity and IT internally, you might feel a little overwhelmed. However, you are not in this alone. Colton Computer Technologies can help you with your data breach response plan, business continuity plan and managed detection and response. With MDR, you can access world-class security expertise without adding to your headcount. By leveraging Sophos MDR through Colton, you get a fully managed service that delivers complete security coverage wherever your data resides. We can help with the heavy lifting so you can ensure that you are on top of your incident response.
So, there you have it. Don’t end up being part of the 29% of companies that don’t have a plan – ensure your business is ready to handle whatever comes your way. For help ensuring that your company is prepared, give us a call. We’d be happy to chat about your situation.