You’ve been attacked! What’s the first thing that comes to mind?
Date: 3 April 2020
You are under a cyber-attack. What’s the first thing that comes to mind?
Everyone assumes that cyber-attacks, like deadly diseases, can never happen to them… until they do! Thanks to our desire to live in oblivion and denial, we rarely prepare for an attack, let alone rehearsing what we’ll do when we do get attacked.
However, as more and more countries and industry regulators are emphasizing on the need to regularly practice Cyber Incident Response Playbooks with Tabletop Exercises, it’s imperative to ask one question – what’s the first thing that will come to mind when they realise their business is under a cyber-attack.
At the recent Wisdom of Crowds event, organised by Cyber Management Alliance, in Bengaluru’s stylish Sheraton Grand Brigade, we got the chance to ask India’s top IT and Security experts this one vital question – what would their first thought be if they are told they have been attacked!
Not surprisingly, Balasubramaniam Narayanan, CISO, Cloudnine Group of Hospitals said, “How has it happened? How resilient are we and how soon can our business bounce back? How do we stop any potential loss?” These are the first thoughts that come to anybody’s mind. The remedial steps are something one thinks about subsequently, said Narayanan.
Phani Krishna Sunkaranam, Infosec & Data Privacy, Trianz Holdings corroborated this viewpoint as he said, “From an executive perspective, the first thing we think about is how to stop it. From a response perspective, the first thing to do is to is to confirm and triage it. Where is it attacking, where is it growing, which direction is it taking… the triage aspects need to be confirmed and as early as possible, we need to stop the attack.”
Offering another perspective, Ravi Kumar Srivastava added that any CISO will think about the assets of the business. “The high priority data should be safe. Once that is done, we can decide the plan of action.”
Building further on these thoughts, Satyavathi Divadar, Director of Cybersecurity, News Corp said, “What is being hit? What is the impact? Is it small or big? Is it something that’s not crucial to the business? Then we can take some time. But if it’s really crucial and it’s attacking your crown jewels then you need to rush.” She added that another thing that would come to mind is who the impacted stakeholders are and to offer them a short response with updates on what’s actually happening.
His first thought would be to know if his security team knows what the attacker’s next move could be, said Sachin Jain, VP, Global Technology, JP Morgan Services India Pvt Ltd. “Is my team ready to check their next move so I can mitigate the impact? Is my team ready to isolate that particular attack so that I can protect whatever is not protected yet? How can I mitigate whatever has already been impacted?” These are the three vital questions that Jain believes would come to his mind in case of an attack.
Continuing this line of thought, Nikunj Desai, Director, Cybersecurity, Microland Ltd, said that one of the first few things that would come to mind is how to protect and isolate those aspects of the business that haven’t been impacted yet. “The company’s brand image and the business impact,” are other aspects that would come to mind immediately, said Desai.
Are you looking for more such insights and opinions from experts? Watch more videos from our Bengaluru Wisdom of Crowds event here. For more information on future Wisdom of Crowds events, sponsorship opportunities or participation in a Wisdom of Crowds event, contact firstname.lastname@example.org or contact us today.
If you’d like to really prepare for a Cyber Incident and would like help and guidance on conducting Tabletop Exercises within your organisation, you can read about our detailed offerings here.
For more information on Cyber Management Alliance, our GCHQ-Certified CIPR training and other courses, webinars, Wisdom of Crowds live events, and our Insights with Cyber Leaders series of executive interviews, click here or contact us today.
Subscribe to the Cyber Management Alliance YouTube channel for more insights and interviews from leading cybersecurity executives across the world!