As the silly season approaches, businesses need to remain extra vigilant for cyber-attacks. Cyber criminals often target holidays, so steps need to be taken to ensure we don’t end up with something worse than a lump of coal in their Christmas stocking.
The holiday cheer can be infectious but with so much on, distracted people can let their guard down. Suspicious emails can fall through the cracks and with people taking breaks, security teams may be short staffed.
Not that any time is safe from cyber-attacks – according to the Office of the Australian Information Commissioner (OAIC), almost half of Australians were affected by a data breach in the last 18 months. But the OAIC also says it sees an upswing in the number of reported data breaches in the last half of the year leading up to Christmas.
To ensure we all have a happy new year, security teams should consider the following:
· Test incident response playbooks, including disaster recovery. Having these working and recently drilled will make for speedier recoveries.
· Ensure your backups are updated before you go offline for the break, so you have recent copies of critical systems. These should all be offline as ransomware crews are known to target online backups to maximise disruption.
· Establish contact arrangements should an incident take place. This should include the appropriate people to contact, contact information, availability, location, and role if a critical incident takes place.
· Create a security tool monitoring plan over the break. Many toolsets allow for critical alerts to be sent to phones, emails and applications that allow for quick investigation, so understanding who and what is being monitored is critical. Also, if using third party monitoring services, ensure to confirm what their monitoring situation is during the holidays and that they have your holiday contact arrangements.
· Talk to your various business units to understand what activity they intend to undertake during the holidays. You don’t want your Christmas Day ruined as a contractor decided to capitalise on the holiday downtime to run upgrades, but in doing so triggers a series of high-level security alerts that require urgent attention.
Additionally, AI-based cybersecurity solutions can free your security teams to focus on the areas where strategy and human intuition can make a difference. It’s also important to know you don’t have to do it yourself – partnering with experts can relieve the burden and help ensure you and your organisation is protected during the holidays.
Don’t let cybersecurity become an afterthought this holiday season. Cyber-criminals will take any opportunity they can get to attack your business – and that means taking advantage of the time people are most vulnerable and probably thinking about family, fri