Digital communications: the key to cyber-resilience

Cyber attacks are increasing in frequency and sophistication. Most firms now accept that it’s a question of when an incident will occur, not if attacks can be prevented altogether. This means a shift of focus from prevention to resilience – it’s all about how quickly and effectively you can respond and recover.

March 14, 2022

Communications – both internal and external – are an often-neglected part of cyber-resiliency, but they can be absolutely essential, even forming the backbone of your response. Keep reading to learn five reasons why comms are key for cyber resilience.

1. Meet your obligations

For financial firms operating in the UK, there are a number of regulatory bodies that require reporting of cyber incidents. For example:

  • Data breaches must be reported to the Information Commissioner’s Office (ICO) within 72 hours of discovery
  • Material operational incidents (including significant data loss, unavailability or loss of control of IT systems and suspected unauthorised access) should generally be reported to the Financial Conduct Authority (FCA)
  • Suspected criminal activity related to cyber should be reported to Action Fraud
  • Cyber incidents in general may need to be reported to the National Cyber Security Centre (NCSC)

That means that from the moment a cyber incident is detected, firms are required to communicate with a variety of organisations – an effective, reliable, confidential comms system is indispensable.

2. Benefit from your most valuable resource

That’s your people. You invest heavily in them, and for good reason. You probably already have all kinds of skills among your teams which can help manage a cyber-incident. Most obviously, you might have in-house IT professionals who can isolate key systems and data to limit an attack, and begin an investigation to get you back up and running. But other key skills come into play too. Excellent communicators can get in touch with your clients and stakeholders to protect your reputation and manage expectations as you recover. And the resilient, resourceful people in all areas of your firm can step in to keep things ticking over as much as possible.

These key people are already with you – all you have to do is make sure they can work together effectively.

3. Turn down the temperature

Cyber incidents can be really scary: from threats to key data to big financial losses to letting your customers down, there’s a lot at stake. And that fear can be amplified when people are isolated. Open communication channels bring down panic levels by reuniting your teams. A problem shared is a problem halved, and your key employees will think more clearly and make better decisions when they’re surrounded by trusted and supportive colleagues.
At the same time, it’s crucial that your communication tools are private and secure… you don’t want your attackers listening in!

4. Bring in the experts

With effective communication systems, you’re free to call in extra support from the experts. You can get in touch with third-party cyber experts and contractors who have the expertise to support your recovery.

Again, it’s crucial that you can trust these tools to work consistently and keep your communications confidential. Depending on the nature of the incident, you might have to disable big chunks of your core systems, so a failover tool that’s separate from your usual environment is ideal.

5. Reassure your customers

As a financial organisation, your biggest responsibilities are to your customers. They’re depending on you, potentially for some of the most important aspects of their day-to-day lives.

The right communication system is going to help you help them through a potentially worrying time. You’ll need a way to get in touch with them quickly, to explain what’s happening and reassure them that you’re acting to fix the incident.

Robust communications also mean that your customers can contact you with issues or difficulties they may be facing as a result of the incident. This gives you the opportunity to demonstrate that you’re accountable and trustworthy, and it’ll ease their concerns

Bonus: get back to business-as-usual

Cyber incidents don’t resolve in a few hours, or even a few days. In fact, the average length of interruption after ransomware attacks on US based businesses is 22 days. That’s a long time for any business to be out of action.

But with a robust comms system that lets your people talk to each other, and fulfil their commitments to meet with partners and clients, you can begin to get your business back up and running much more quickly. You might not be able to do everything through your digital communications system, but keeping processes and meetings going throughout the incident will go a long way to minimising disruption.

Would your communications tools stay reliable, confidential and accessible in a cyber attack? Do you have a failover solution if they need to be disabled to contain an attack?

StarLeaf Standby is the comprehensive enterprise communications failover service. It’s completely separate from your primary solution and is built on robust StarLeaf infrastructure. If you’re ready to secure your communications, book your free Enterprise Communications Resiliency Audit today – it’s the first step.

Book now