A cyber breach has just occurred. What do we do now?

Cyber attacks are steadily rising in number and sophistication. Developing a strong cyber security playbook will enable each member of your organisation to confront these threats and avoid them in the future.

1st August 2023

Cyber security, Cyber education

Key takeaways

● Cyber breaches continue to increase in sophistication and scale.

● A well-rounded incident response team is necessary to address breaches.

● Singtel provides solutions that support IR teams in preventing and eradicating threats.

With criminals devising more sophisticated methods of breaching company networks, a cyber security playbook has become an essential tool in ensuring that every person in your organisation—from interns to top officers—understands what to do in the event of a breach. A good playbook should outline the steps a team must take before, during, and after a cyber breach to protect company assets. Think of it as a standardised checklist that team members are to follow depending on the kind of incident that occurs.

 

Building cyber defences like a playbook is critical because the increasing rampancy of cyber attacks has made the possibility of one a question of “when” and not “if”, and the consequences are hefty.

 

IBM reports that in 2023, the average financial cost of a data breach is USD 4.45 million—15% more than what it cost the previous three years.¹ Despite their drastic effects, however, 40% of chief security officers believe their organisations are ill-equipped for rapidly evolving cyber security risks.²

 

A strong cyber security response begins with understanding the threats your business faces. A cyber security playbook should detail those your organisation will most likely face. Here are a few common security breaches encountered by enterprises:

 

1. Phishing

 

Technology has provided hackers with better tools to develop attacks against organisations, but the leading cause for cyber security issues remains surprisingly simple: employee mistakes. Human error accounts for 88% of cyber breaches today.³

 

Phishing takes advantage of this reality with emails, chats, and websites that seem legitimate at a glance, but serve to swipe private information from victims. Enterprises must also be watchful of a targeted form of phishing called spear phishing, which focuses on stealing information from specific individuals through concentrated efforts.

 

2. Malware

 

Malware is malicious code or a malicious program that attacks or damages data, networks, and devices.

 

Ransomware in particular is a growing concern: despite expectations that such crimes would dwindle, big game hunters have already earned USD 449.1 million through June of this year.⁴ Singapore is similarly facing an alarming increase in ransomware crimes, causing the government to deploy an inter-agency task force to curb its steep rise.⁵

 

3. Distributed denial of service (DDoS)

 

A DDoS attack disrupts a system by bombarding an IP address with requests until a server crashes. Hackers accomplish this using botnets, which are networks of devices controlled via malware.

 

Despite the myriad threats facing enterprises today, research shows that 77% of organisations have no formal incident response (IR) plan.⁶ A robust cyber security IR plan that addresses short- and long-term goals is crucial to any organisation that seeks to minimise the consequences of data breaches.

 

The following steps outline the contents that should make up your cyber security playbook. These include a strong team, protection measures, communication guidelines, and a business continuity plan.

 

Prepare your incident response team

A cyber breach affects more than just your network, so you need a well-rounded team to swiftly respond when an incident occurs.

 

There are four key parts to a good IR team: a team leader to coordinate tasks and report to executives, a technical expert or experts with a deep understanding of your systems, a communications manager to develop internal and external statements, and legal counsel to guide you through compliance with law enforcement.⁷

 

These professionals will actively develop your IR plan before a crisis occurs. Pre-incident, their responsibilities include running tests to address vulnerabilities and ensuring that company-wide cybersecurity measures are up to date.

 

Prepare different workflows for different incident alert levels. Then review these plans every three months to ensure their continued relevance to the ever-evolving digital landscape. Singtel's cyber security experts can run automated security tests that examine and identify security gaps in your environment.

 

Detect, analyse, and contain threats

Your IR team is the first to be alerted and mobilised when a breach is detected. Should a breach affect access to default communication channels such as your email,⁸ have alternative channels of communication ready to enable quick correspondence. Once alerted, technical experts examine breach details and damage severity to determine which workflow to execute.

 

Time is of the essence during an incident. Singtel bolsters your team’s defences with decisive and effective threat detection and response services to avoid further data compromise and eradicate the threat at hand.

 

Communicate with employees, customers, and stakeholders

Cyber breaches can drastically tarnish an enterprise’s reputation with current customers and the general public. Customers may lose trust in your company when they believe their personal information has been mishandled, and the perceived risk may make others deem it unsafe to give you their numbers and home addresses.

 

Mitigate such adverse effects with a clear, concise communication strategy—first to alert employees, then to inform customers and stakeholders. Also produce a statement for responding to media inquiries. Detail what information was taken, if any, and the steps taken to contain threats. Your communications manager and legal counsel work together at this point to ensure statements fall within legal policies on cyber attacks and do not disrupt investigations.

 

Regroup and recover

A business continuity plan is the part of your cyber security playbook that enables your organisation to keep running after a data breach. Hold a post-mortem meeting to identify the breach impact, what weaknesses it has revealed, and action points for recovery.

 

Since human error still accounts for an overwhelming majority of breaches, enterprises must not overlook the value of cyber security education. Singtel helps enterprises address this need with an extensive cyber security training program that hones employees’ cyber skills.

 

A strong cyber security playbook involves both experts and regular employees working together to form a solid defence system that evolves with you and stays on par with advancing technology.

 

Contact us to learn more about Singtel’s cyber security services.

 

References:

 

1. IBM, Cost of a Data Breach Report 2023, 2023
2. ThoughtLab, Cybersecurity Solutions for a Riskier World, 2022
3. Harvard Business Review, Human Error Drives Most Cyber Incidents. Could AI Help?, 2023
4. Tech Radar, Ransomware payments set to hit a new high in 2023 - here's how to stay safe, 2023
5. Channel News Asia, Singapore sets up ransomware task force to tackle rising threat on businesses, 2022
6. Dark Reading, 77% of Businesses Lack Proper Incident Response Plans, 2018
7. Cynet, Incident Response Team: A Blueprint for Success, 2022
8. Forbes, What To Do If Your Email Is In A Data Breach, 2022

 
