According to IBM, 74% of organizations admit that their cybersecurity plans are either ad-hoc, applied inconsistently or they have no plans at all. That’s especially the case with small-to-medium enterprises, 60% of which lack working and up-to-date cybersecurity policies.
The key element of every digital protection policy is people. A stunning 88% of data breaches are attributed to human error, and only 43% of workers admit having compromised cybersecurity. Businesses have to share the responsibility as well. All it takes is engaging and captivating training to increase staff awareness up to 13 times.
In the event of a cyberattack, there’s no room for error, and this applies to every member of the organization. Companies craft playbooks to assign roles for them, but those instructions must be clear, known and applicable to effectively contain the data breach. One way to make them appealing is a storytelling approach, with the crafted narrative around the organization’s response to cyber threats.
Turning safety into saga: the key elements of cybersecurity playbook
Characters. The nurtured cybersecurity culture is the organization’s best immunity against attacks. When they hit, every employee should know their role, but it doesn’t have to be put into a dull to-do list. Imagine the security and IT team as warriors, other departments as healers and your PR team, handling the crisis, as mages. You might think this approach ridiculous, but Millenial and Gen-Z workers might have a different opinion.
Plot. Make sure to present your team a clear storyline and goals in the containment of the attack. A clearly defined protection strategy should address the question of what risk the organization is willing to accept, and how its daily functions can be affected in an attempt to mitigate it.
The reactive way to defend yourself against cyberattacks is Security Information & Event Management. It effectively identifies the attack as it occurs by analyzing events of your system, and doesn’t interfere with the day-to-day operations. The active way is Endpoint Protection Platform, which blocks the cyberattacks at their source — but at the cost of business’ operational efficiency.
To implement a truly reliable risk management strategy, enterprises have to consider the tradeoff between security and productivity. This equation becomes the vision of the cybersecurity playbook, consisting of infrastructure, staffing, tools and training.
Scenario. With plot structure and characters in place, it’s time to define their responsibilities while securing the perimeter. Actors facing network events on a daily basis is of key importance here. They should share their knowledge and experience on how different attacks develop, and prepare guidelines for those scenarios.
Just remember, that half of the Chief Information Security Officers (CISOs) plan to implement cybersecurity into every business decision. So marketing, sales, finance and other departments — even the C-level management — have to be proactive in concluding the attack and preventing the data breach. After all, some attack vectors are particularly designed to utilize human error and there’s no anti-malware for that.
Weapons. The choice of appropriate digital protection tools is also critical. They have to be aligned to cybersecurity strategy, playbooks for different attack vectors and security goals. Some businesses try to protect their corporate network perimeter, those working remotely are concerned about end-user resilience and others need cloud protection.
Make sure to align those needs with the chosen solutions, as the abundance of tools doesn’t increase the resilience. IBM found that organizations that used 50 tools ranked 8% lower in their ability to detect attacks than those with fewer instruments.
Achievements. Cyberattacks are often invisible and leave no physical trace, so, in the aftermath, the employees might not understand what the fuss is about. Don’t forget to evaluate the steps taken, and appreciate each worker’s input in bringing the situation under control. Their feedback is no less essential as it helps to identify the weakest links in potential future breaches.
Statistics show that 39% of the companies with formal security response plans experienced a disruptive security incident, and among those with no consistent instructions the number was 62%. However, a formal plan doesn’t have to be a dull one. Quite the opposite.
The operable and efficient cybersecurity playbook has to be simple, practical and consistent. Today every department of the company must be familiar with digital resilience strategies, as the prevention and remediation requires joint input by everyone. One way of speaking to the outsiders of the IT realm is gamification or storytelling. It is the way to grab their attention and raise awareness.
Juta Gurinaviciute is chief technology officer at NordVPN Teams.