Communication in an emergency: Preparing for a cyberattack

Cyberattack. Once a word that conjured images of a teenage genius causing mayhem from a computer in their bedroom, has now become a serious and very real operational threat to businesses of all sizes.

A recent report from Arbor Networks suggested that the most prevalent form of cyberattack – distributed denial of service attacks (DDOS) – are getting far more sophisticated. More than 200 of the reported attacks in 2015 caused 100 gigabits per second (Gbps) of additional traffic. The largest reported attack recorded 500 Gbps – which equates to the entire internet connectivity of Kenya in 2014.

The number of companies reporting DDOS attacks doubles year-on-year and when brands such as the BBC and eBay fall victim, it clearly demonstrates the significance of the DDOS issue. For businesses it is crucial that these events are planned for: what will the business do if a DDOS takes place? How will it communicate with employees and customers when internal systems are compromised?

The cost of attack

Organisations can and will always face crisis situations relating to internal IT systems. Whereas traditionally the focus for businesses was on partial network disruption from internal network issues, the danger of widespread and often complete network infrastructure failure from cyberattack means organisations must think bigger. Although critical events – from both internal and external risk factors – cannot be avoided, the physical, financial and reputational damage of a crisis can be managed and minimised by having effective systems in place for emergency communications.

A recent Business Continuity Institute (BCI) survey asked 467 respondents in 67 countries about their emergency communications plans. Of the companies that did not have an emergency communications plan in place, a staggering 68 per cent said they would wait for a business effecting event before creating an emergency communications plan.

This can be a disastrous strategy. According to the 2015 report from the Ponemon Institute, ‘2015 Cost of Cyber Crime Study: United Kingdom’, cyber-attacks cost businesses on average £4.1 million per incident and each incident can take an average of 31 days to resolve. Many businesses are completely reliant on their online operations and being forced go on hold for a month to resolve a cyberattack could have catastrophic consequences.

Modern critical communications

With a far broader and more complex range of incidents, both operational and emergency-oriented in nature, organisations today require solutions that are engineered for modern critical communications.

The BCI survey found that dedicated emergency communications software is vastly underutilised; just 55 per cent of organisations had emergency communications software in place. Relying on internal IT resources during a network breach is counterintuitive. In many cases, this is the cause of the crisis. If a DDOS attack renders the internal network inoperable, employee email systems will be unusable, website announcements will be ineffective, and support teams will be unable to access stored information on IT communication procedures.

To ensure the right messages can be sent to the right people during partial system downtime, major service disruptions, or a complete network breech, the business’ emergency communications platform must be totally separate to its normal network.

Utilising a Cloud-based SaaS platform is the only effective way to ensure uptime of a separate dedicated support network, and subsequently continuity of communications during a crisis. This offers the reliability, security, and scalability necessary to communicate with key individuals during periods of IT outage.

Making your message count

Once a platform is in place to ensure uptime during IT disruptions, effective communications depend on two key factors: delivering the right message to the right individual, and receiving acknowledgement of delivery. In the case of a cyber-attack, a business will need to send both internal and external notifications to minimise damage.

First, the individuals with the right expertise within the business need to be identified, located and informed of the problem. The support team then need to receive information from these individuals so they know who is available, their location, and receive an estimate of resolution time. Where a business’ customer services are impacted, customers must be informed early to protect consumer confidence and minimise damage to the reputation of the brand.

Predicting the unpredictable

The digital landscape is unpredictable, and a business’ emergency communications platform needs to be easily adaptable to any potential crisis. SaaS tools are the only way an organisation can ensure the ability to notify any and every relevant individual quickly, regardless of the IT impact of the crisis.

The tools exist to ensure an organisation – its revenue, productivity and reputation – has every level of protection against IT downtime caused by cyberattack. But for these tools to be effective in an emergency situation, they must be put in place before a crisis occurs.

Nick Hawkins, Managing Director EMEA, Everbridge