Stanton Chase Amsterdam hosts latest session on preventing cyberattacks
Stanton Chase Amsterdam held its annual series of Non-Executive Directors (NED) breakfast sessions during the months of September and October. This year’s theme was cybersecurity and the role of NEDs in building and maintaining effective cybersecurity policies at their organizations.
The sessions kicked off with a virtual introduction by Dick Berlijn, a former Commander of the Dutch Armed Forces. After his military career, he became a cybersecurity strategy board adviser with Deloitte, and he is currently a Partner with Hague Corporate Affairs. During his remarks, Berlijn discussed the significant threats that cyberattacks pose in disrupting individual companies, whole sectors, and wider society. He also spoke of the parallels between traditional warfare and cyberattacks, and of the necessary responses, which involve strategic options to anticipate, divert, and engage attacks.
The Stanton Chase NED meetings were co-hosted by Jaap Remijn, former Group COO with Travelex. During his tenure, Remijn gained firsthand cybersecurity-breach experience when his organization was hit by a ransomware attack. He candidly shared the event timeline, his thought processes, the challenges, and strategic options that went into dealing with the cyberattack.
His address was followed by a question-and-answer session for NEDs in which they shared their experiences and discussed both real-world examples and hypothetical scenarios.
Summary And Key Takeaways
Organizations can benefit from having a cyber-recovery plan that covers all five critical stages (identification, containment, impact assessment, recovery, and aftercare) that organizations need to go through during a ransomware attack. Each of these stages requires dedicated action and a clear allocation of responsibilities that should be addressed in a timely manner.
Given the digital openness of organizations caused by remote working, social media, “bring your own device”, hybrid hosting, IoT, and SaaS, to name a few things, many companies must rethink their cybersecurity strategy. How do you protect your IT networks, databases, and all the transactions your organization processes each day? How can you best build up cyber capabilities to adequately detect, protect against, and respond to cyber threats? During our NED meetings, it became very clear that it is not a question of if an organization will be hacked, but rather when it will be and how it will respond. Cybersecurity as prevention is of course key, but companies must also develop and maintain a recovery plan for when it happens.
Even in firms with highly educated employees who are well-versed in cybersecurity measures, the threat is real, and recent tests have found that a percentage of people are still at risk of clicking on phishing emails.
The key questions for NEDs to consider center around ensuring cyber business continuity:
- How is your cyber security governance organized, and does it cover all levels of the organization?
- What is the maturity of the organization’s five cyber sub-capabilities mentioned before?
- Is there an up-to-date cyber recovery plan, what does it look like, and does it address all stages of a ransomware attack?
- How are the responsibilities organized for all the above-mentioned aspects?
Following the well-documented cyberattack at Travelex, there are four key lessons that can be learned:
- Internal and external communication plans need to be ready and crisis communication needs to be involved from the very start of the calamity.
- Organizations need to have an up-to-date cyber recovery plan in place and frequently test its effectiveness.
- Organizations need to ensure their IT and digital basic controls are in order (asset management, identity and access management, configuration management, etc.). This is often not regarded as the most exciting role in IT, but it is crucial in case a cyber calamity takes place.
- Recovering from a cyber calamity is a team effort that requires the involvement of all business and support functions. Such a recovery plan consists of the following elements: 1) governance and communication; 2) planning and preparation to improve the efficiency and effectiveness of recovery efforts; and 3) scripts for all the stages of the life cycle of a ransomware attack.
Most companies are not prepared for a large-scale cyberattack. NEDs are often not aware of what cybersecurity plans (if any) are in place within their organizations. Cyber hacking is a growing, highly professional, and well-organized global business. Its participants work seamlessly and internationally together in pursuit of their goals. By the time a hack becomes apparent, the initial breach of the IT network has, on average, already taken place weeks or even months earlier. This gives the attackers time to plan their routes and search for sensitive information and weaknesses in order to maximize damage and thereby their potential payoff.
For the vast majority of our NED meeting participants, the risks and the remedies for rapidly increasing cyber threats were an eye-opener. There is no time to lose in protecting your company and your employees from the risks of cyberattacks. To find out more about our annual NED breakfast sessions or how Stanton Chase Amsterdam can help your company be prepared for a cyberattack, please contact us here.