Charities are becoming increasingly aware of the target on their backs: they store personal records and sensitive data, and they lack funding to put towards cyber security protocols. With this realisation, many are investing in cyber-attack prevention tools, like anti-virus software and enhanced training.
However, people often neglect the fact that cyber-attacks cannot be blocked 100% of the time, and occasionally attacks will slip through the gaps. In these cases, there must be a reliable and tested Cyber Security Incident Response Plan that can be followed.
The Cyber Breaches Survey 2022 reported that:
“boards tend to trust and defer the finer details of a cyber security approach to their IT teams (in the case of larger organisations) or third parties and external providers (in the case of smaller organisations). This is because there was a low level of knowledge of the technical details of cyber risks and how to manage them at senior management and board level.”
This shows the importance of understanding your IT and Cyber position to avoid issues caused by lack of technical knowledge.
Similar to fire escape plans, companies must also develop incident response plans. The ECRC has a free incident response plan template for businesses to use, which explains why they need one and the key considerations they should be thinking about.
Unfortunately, the first time that an organisation discovers it needs an Incident Response Plan often coincides with the realisation that it doesn’t actually have one. The plan itself is simply a document containing the details of key personnel who you can contact if you are worried that you have been the victim of a cyber-attack. It also contains key information to help you move through the various stages of containment and then recovery.
Having a good response plan means that you are likely to come through the experience more quickly and efficiently, with fewer of your systems exposed to the hack. The responsibility for establishing and maintaining a plan lies with the business owner, not the managed service provider you use for your IT.
Here at the centre, we would advise you to do three things now:
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.
Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.
If you suspect a phishing attack, please report it to the Suspicious Email Reporting Service (SERS) set up by the NCSC at: report@phishing.gov.uk
Text messages can be forwarded to 7726.