How prepared is your organisation really for a ransomware attack?
If the worst happened, could your business run? Are you ready to take all your systems offline? Would you negotiate with a ransomware gang? If so, how much are you willing to pay? And what will your CEO say when she or he is doorstepped by a journalist? And will it reassure customers and partners, or tank your share price?
These were some of the questions tackled in the DPP's Cyber Security Secrets report, released in March 2022. The special insight report, supported by member organisations Fastly and Convergent Risks, sourced contributions from 20 experts working across cyber, risk, compliance, threat intelligence and content security to share their best advice about mitigating and responding to cyber attacks. It comprised the tips that go beyond patching best practice, and which are not included in certification programmes - the things that are really making a difference.
One suggestion from our group of cyber security experts was for broadcasters, media companies and their supply chain partners to come together and 'War Game' a collective response to a hostile cyber attack.
Ransomware response
They gave examples of scenario planning and of War Gaming responses to a sophisticated attack to the 'nth' degree.
One contributor spoke about having a journalist and camera operator intercepting and haranguing their company CEO as they arrived at their office. They did this to help the CEO prepare for the day when they have a microphone thrown under their nose, along with a demand for comment.
One of the biggest blind spots companies found was around who communicates what to whom. You need to know whose responsibility it is to inform the bank, who should speak to tech partners and suppliers, and how communications should be made to other partners, authorities and customers. You also need to know how to speak to your own journalists.
Convergent Risks CEO and President, Chris Johnson, added that there is a feeling in the industry that smaller and medium-sized organisations in particular are not fully prepared for the threat. He suggested that companies across the media supply chain, from script to screen, come together to rehearse how they will respond as a group to a cyber incident that could impact multiple organisations. The sentiment was echoed by other cyber professionals.
Vulnerabilities affect the whole supply chain
Gonzalo de la Vega, VP Strategic Products at Fastly, said that no organisation was safe unless the media supply chain acted as a unit.
"There is no system which is 100% secure; everybody tries their best but security is never flawless. It's a fight for all of us together against maliciousness. We want to build a more reliable and trustworthy internet for everybody, as vulnerabilities affect the whole supply chain."
Gonzalo de la Vega, Fastly
Five Eyes cyber guidance
In April 2022, the UK's National Cyber Security Centre and its 'Five Eyes' partners in the US, Australia, Canada and New Zealand issued updated advice to mitigate Russian state-sponsored and criminal cyber threats. While the guidance is aimed at critical infrastructure, prominent media organisations and their suppliers have also been high-profile targets.
NCSC CEO Lindy Cameron said:
"In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures.
"It is vital that all organisations accelerate plans to raise their overall cyber resilience, particularly those defending our most critical assets.
"The NCSC continues to collaborate with our international and law enforcement partners to provide organisations with timely actionable advice to give them the best chance of preventing cyber attacks, wherever they come from."
The NCSC had already released guidance about actions to take when the cyber threat is heightened following Russia’s invasion of Ukraine.
Aligning IT and the human factor
In the DPP’s Cyber Security Secrets report, one common theme highlighted by the experts was the initiatives - including Bug Bounty programmes, hackathons and improving management skills to tackle the insider threat - which help align IT security with the 'human factor'.
Fastly's Gonzalo de la Vega said that ultimately good initiatives work at the intersection of where organisations make mistakes and where breaches happen. They uncover the technology vulnerabilities and the mistakes humans are prone to making, resulting in more secure products and practices.
The full report is available to download by DPP members here.
Production and broadcast suppliers looking to demonstrate their commitment to working towards and adhering to cyber security best practice can take part in the DPP Committed to Security programme here.