With the Christmas break approaching, the CyberScotland Partnership is calling on Scottish businesses to update and review their cyber security protocols and incident response plans.
For most businesses, the upcoming Christmas and New Year break mean fewer people ‘on the ground’, potentially resulting in less oversight of critical systems and making businesses more vulnerable to attack. This ‘downtime’ increases the chances that cyber criminals will strike, so business leaders must think ahead on how to stay safe.
Last Christmas eve, the Scottish Environmental Protection Agency fell victim to a ransomware attack during the holiday period, resulting in more than 4,000 stolen files and around £2 million in lost income. The organisation has since acknowledged that it lacked an immediate incident response plan and has been keen to highlight the importance of making strong plans and preparation to keep an organisation secure for whenever a cyberattack might hit.
To mitigate such an occurrence this Christmas, the CyberScotland Partnership is directing business to its resource library of actionable advice to update their cyber security precautions.
Top advice from the Partnership includes:
- Have an incident management plan: One in 10 organisations do not have an incident management plan (National Cyber Security Centre 2021). If an organisation is one of these, they should address this immediately and make sure physical copies are available should systems be disabled. The first step is looking at ‘what an incident would look like’ for your organisation.
- Make sure data is secure: Business need to know what data they have if they are going to secure it. Regularly auditing data is important to ensure appropriate protections are in place, especially for transferring data or storing data for prolonged periods such as during the Christmas break.
- Back up data using the ‘3-2-1’ rule: This is a popular strategy which can prevent you facing be used in most scenarios to provide a robust safeguard for your systems. Have at least 3 copies, on 2 devices, and 1 offsite backup.
- If you are attacked, know who to call on: The Scottish Business Resilience Centre’s (SBRC) cyber incident response helpline for those who think they have been the victim of a cyber attack is available on 01786 437 472.
Jude McCorry, Chair of the CyberScotland Partnership says: “In the lead up to the festive break, businesses need to think ahead about their cyber security and keep themselves safe. Staff will be looking forward to a much-deserved holiday, but businesses must remember that will leave some of their critical systems unmonitored. The best way to secure your cyber security over this period is to create a plan and prepare your response if a cyber attack occurs.
“To support businesses, the CyberScotland Partnership have curated easy to action resources and information that business can use to make sure they have robust plans in place. The resources cover topics from what is included in an incident response plan to signposting relevant partners such as Police Scotland and the Scottish Business Resilience Centre who run cyber incident helplines.
“The important thing for Scottish businesses to do is to think ahead and act early to protect their critical data and assets.”