Tips to help your company survive a cyberattack

When it comes to security, your company’s physical premises may be protected, but how much do you know about what’s going on behind the scenes with your data? Over the past decade, technology has made our world increasingly smaller, but the scope of hacks and cybersecurity issues has grown exponentially. The cost of cybercrime on business is projected to reach a staggering six trillion dollars by 2021, according to security specialists Herjavec Group, which consults across Canada, the US and Europe. Apart from the financial hit and data loss after a cyberattack, a company’s good name may be equally hard to recover, as Equifax and Uber discovered in 2017 when hacks of their systems became public knowledge. Ovation talked to two Sheridan alumni — a computer forensic investigator/educator and a media strategist — for tips on how to identify a cyberattack and deal with the aftermath.

On the IT side, Sheridan applied computing professor and alumnus Nicholas Johnston spent years sleuthing his way through corporate breaches in the financial, manufacturing and government fields as a digital crime and computer forensic investigator. He’s seen the damage that IT hacks can cause — and helped clients pick up the pieces.

It’s not only your systems that need to be protected — so does your reputation. That’s where communications professionals enter the picture. A former advisor to the Mayor of Ottawa and current senior strategist at communications firm MediaStyle, Ryan Kennery is used to responding to crises both real and perceived.

Tips from the investigator

When a breach first occurs, the company has to determine the root cause, whether an email, insecure web application or other vulnerability, and act to restrict access of the hackers if they are still within the company network. Then comes the cleanup, which can be a shock to business owners and managers. “The complete resolution of an incident or a breach can take weeks to months depending on how badly an organization was breached,” says Johnston. “Sometimes, it can be half a year that someone will have been inside the network, slowly taking out data before the company realizes it.”

The best plan, Johnston believes, is for businesses to protect themselves by following a few simple tips:

• Don’t wait until disaster strikes — having a business continuity plan ready to put in place after a cyberattack can make the difference between getting back to work or closing the doors.
• Maintain a list of information assets in case of a breach (this includes equipment such as laptops, software, etc.). Ensure that patches and web browsers are up to date, and encourage employees to use password managers.
• Train your staff to look carefully at emails to recognize signs of trouble – even if the email looks like it comes from a trusted sender – transposed letters, incorrect logos, odd tone or other elements.

Most importantly, make these procedures part of your daily routine. Cybersecurity is an issue that will not be going away, says Johnston. “We’ll just continue to get better at addressing it and making the Internet and modern communications safer,” he says.

"Reputation is one of the most important assets you have. It can take years to develop, and it can be lost in seconds." - Ryan Kennery

Tips from the strategist

After a cyberattack, time quickly translates into money. Kennery stresses that it is imperative to get to the customers first, before they discover the news through other outlets, such as the media or some sort of identity theft. “Companies need to let their customers know they care about them, they take their concerns and privacy seriously, and will act as swiftly as they can to address the situation,” he says.

When it comes to communicating your message post cyberattack, Kennery’s recommendations include:

• Consider the mode of transmittal — would a written message or television, phone or video interview be more effective to convey information and emotion?
• Be selective in your choice of spokesperson and train them well. Your company should be having internal conversations about the message being conveyed well before any interviews.
• Think about expertise, and have a deep bench of available spokespeople. If you have options of a spokesperson who is fluent in both English and French, and knowledgeable about particular subject matters, they can be trained to act comfortably when briefing media on a more technical level.
• Communicating as much accurate information as possible can help alleviate public anxiety and be the next step in damage control. And don’t forget about transparency to the media, who can be either friend or foe when it comes to messaging. “Not every story is going to have a one-day news cycle — journalists will routinely check in on things, to provide updates or different perspectives,” says Kennery.

Ensuring your company’s crisis communications plan is in place before a cybersecurity breach occurs is as essential as securing other elements of the business. “Reputation is one of the most important assets you have,” says Kennery. “It can take years to develop, and it can be lost in seconds.”

Illustration Credit: Kimberlyn Porter, Bachelor of Illustration ’16.

Written by: Jill Scarrow, Manager, Advancement Communications at Sheridan.