5 Steps to Building Your Cyber Security Plan
Cyber-attacks are on the rise. According to the Home Office ‘Cyber security breaches survey 2024’, 50% of UK businesses and 32% of UK charities reported having had a security breach in the last 12 months. That is a staggering number, and it continues to increase year on year. While many businesses claim cyber security is on their agenda, is it really high enough on the priority list?
If you are struggling to know whether you have all bases covered, we have put together five steps to help ensure that your business is protected in the event of a cyber-attack.
1. Define the team responsible for cyber security
This is more than just the IT team. When it comes to cyber breaches there are many areas of the business that should be involved. These people should be aware of, and included in, all cyber security plans from the beginning:
- CEO – Should be fully bought into the need for cyber security, willing to assign budget, familiar with the disaster recovery plan and a key part of its execution if a breach were to occur.
- COO – Pivotal in the event of a cyber-attack. They will be in charge of all disaster recovery plans and their implementation, including cyber security.
- CTO/CIO – As leaders of the tech team, they should ensure the right cyber security technology is in place for the business and advocate for it in the boardroom.
- IT Manager – Responsible for the day-to-day running and monitoring of the IT systems, including checking for cyber threats.
- HR – Need to be aware of any breaches as they occur, as a breach may involve PII (Personally Identifiable Information), affect staff data and require HR to help inform the business.
- Legal – One of the first departments that should be called if there is a breach, but often forgotten. They will advise who should be notified of the breach and the deadlines for doing so, to avoid hefty fines.
- CFO – Assesses how the breach will impact the business financially.
2. Have a plan of action
It’s no good waiting until an event happens and then trying to figure it out on the fly. All companies should have a Disaster Recovery plan in place to help get their business back up and running in the event of a disaster, including a cyber-attack. Key stakeholders in the business should be fully aware of the plan and buy into it. Your plan should be well thought out and easy to put into action quickly and efficiently in the event of an attack, to minimise downtime. It should answer questions such as: What happens if you are hit? Who is the internal team in charge of executing the plan after an attack? Who should be told, e.g. are there any regulators in your industry that need to be informed? What provisions need to be in place for managing the issue with staff and with your customers? In what order should the actions be taken?
However, it's not good enough to create your plan and then leave it at that. Plans should be revisited regularly to make sure that they are still up to date and that everyone knows the steps they need to take.
3. Train your staff to spot cyber threats
Staff are seen as a weak link by cyber criminals. One of the easiest ways for them to infiltrate your network is via a phishing link. They will send an email pretending to be from another member of the team or a supplier, with a link to click, and once someone clicks, the attacker can gain access to your systems. Staff need to be continuously educated and kept aware of the threat of phishing attacks. You can run phishing exercises where you send out fake emails internally to see who clicks on them. Those who click can then be given extra training on how to spot a fake email, reducing the risk of a real phishing attack succeeding. Raising awareness among your team of the types of threats and what they look like helps staff become more alert and better able to recognise phishing emails.
4. Invest in cyber security
To ensure your company is protected from cyber-crime, you need to make sure that you invest in cyber security. Just buying whatever is cheapest isn't the solution. It should be taken seriously and have a decent budget assigned to it. You need to be looking at solutions that are robust and meet the relevant regulations and guarantees. Internal systems should be constantly monitored for any breaches, and any malware found should be removed. Did you know that in most attacks the malware had been sitting undetected on the victim's network for some time before it was triggered?
It is also a common misconception that having a backup of your data means you are safe. Hackers now often compromise your backed-up data too, leaving you with nothing unless you pay the ransom they are asking for. You need a cyber security solution that ensures both your data and your backups are safe, so that you can get your business back up and running quickly.
5. Test your plan
Having a Disaster Recovery plan is great, but it’s no good if the plan is not tried and tested. Make sure that everyone in the team is aware of their role in the plan, and run through a practice scenario to ensure that people know what to do if a security breach occurs. This testing extends beyond the IT team: all areas of the business should be aware of the plan and play their part in recovery exercises. Plans should be tested at least once a year to ensure they are fit for purpose, and updated as needed.
If you would like support to construct your Cyber Security plans, then contact us today: Contact | Navos Technologies