Cyber attack – are you ready for the inevitable?

Cyber attack – are you ready for the inevitable?

Thursday 15 September

Russell McVeagh has today launched a new 'Cyber Attack Tookit', which describes a model on how to prepare for, and how to respond to, a cyber attack. The step-by-step guide covers three key elements: the roles and responsibilities of a cyber response team, the eight steps towards cyber attack preparedness, and how to respond to an attack – including the technical response, managing external communication and making or defending legal claims.

The booklet has been published by the firm's Information Communication and Technology (ICT) team, who advises on the full spectrum of ICT matters for the private and public sector.

Cyber attacks are occurring constantly and all organisations, big and small, are targets. Responsibility of cyber attack prevention and cure should not lie solely with an organisation's IT department, or with IT providers – instead, management teams should understand the risks and have devised and implemented an appropriate cyber resilience programme across their organisation. Anyone who has access to IT systems and data presents a vulnerability that could be exploited by a would-be hacker, and therefore, everyone in the organisation should be concerned with being cyber attack prepared.

The booklet outlines 'eight steps towards cyber attack preparedness' and these are explained in the well-designed, easy-to-digestCyber Attack Toolkit. The eight steps include:

• Making an inventory of critical IT assets;

• Assessing the risks and understand the practical impacts of a cyber attack;

• Setting the standards and determine the standard of reasonable protection;

• Doing a gap analysis of current practice;

• Ensuring appropriate documentation and contractual arrangements are in place;

• Making and implementing a plan to rectify current deficiencies;

• Planning for an attack;

• Testing organisational response and continually adapting to changing circumstances.

The 'How to respond' section of the booklet details 'three 'C's of a cyber attack response': Correct, Communicate, and Claim. Advice includes how to leverage contractual rights, who needs to be advised (and what and how they should be told), and then after the dust settles, how to determine what kind of claim an organisation may be able to make (and what claims may be made against the organisation).

Tom Maasland of Russell McVeagh's ICT Practice Group says, "With so much talk in the market about the risks of cyber attacks, we want to provide a toolkit to help organisations become cyber-prepared or check their existing preparedness is up to date. Our Cyber Attack Toolkit will be an evolving guide – as with the continual acceleration of technological change, we all need to continue to assess, adapt, and prepare".

The Cyber Attack Toolkit is available by request. Please email Head of Auckland ICT Practice Group, Tom Maasland attom.maasland@russellmcveagh.com, to request access to a complimentary copy.

ends

© Scoop Media