TECHNOLOGY
to an optimum level. Aiming for a 90% resolution rate for a first call interaction is a good target to use, as is understanding that some enquires may need further investigation or a specific response accessing wider parts of the business. If credit or web monitoring services are offered, this is typically a voucher code contained in the notification, pointing the individual to a website to sign up. Wording supporting this is provided to help people sign up.
with the knowledge to identify and avoid common cyber threats like phishing and social engineering attacks. A culture of cybersecurity can also encourage employees to report suspicious activities, further enhancing the organisation's resilience. This will only become more important as advances in artificial intelligence give threat actors the tools to perform ever-more sophisticated attacks, such as those we’re already starting to see with voice impersonation attacks over the phone.
and that resources are in place when you need them. In summary, preparing for cyber risks involves investing in robust systems and fostering a cybersecurity-conscious culture. Regular rehearsals or cyber drills can help organisations identify weaknesses in their defence mechanisms and improve their responses to real incidents. Lastly, adopting a data minimisation policy – keeping only necessary data – can limit the potential damage from data breaches. By adopting these strategies, organisations can significantly reduce their cyber risk exposure and improve their resilience against cyber threats. n Jim Steven is Experian’s head of crisis and data breach response services in the UK, building on the knowledge, experience and success of Experian’s global data breach resolution offering to help organisations take proactive steps in preparing for the ever-growing threat of data breach. If you want to learn more about preparing for and responding to ransomware attacks, please visit https:// ow.ly/UIKa50QG0Xv. Oliver Price is a director in S-RM’s cybersecurity practice. His expertise spans from managing incident response teams in response to global ransomware campaigns and providing expert witness in high-profile cases, to assisting large organisations in developing their security practices to increase resilience. You can find out more about S-RM here: https://ow.ly/ LM4z50QFwBj.
"When it comes to people, cybersecurity awareness and training are key"
Mitigating cyber risks requires a two-pronged approach: robust systems and informed people On the systems front, organisations should invest in effective cybersecurity infrastructure. This includes firewalls, intrusion detection systems and encryption technologies. Regular system audits and vulnerability assessments are also crucial to identify and address potential security gaps. Additionally, implementing a robust backup and recovery plan can help minimise data loss and downtime during a cyber incident. When it comes to people, cybersecurity awareness and training are key. Employees are often the first line of defence in the cybersecurity chain. Regular training can equip employees
In relation to the communication plan, reducing the amount of data you hold is the best way to reduce the impact. If you don’t need to hold personal information, delete it. Having a plan in place and understanding the key aspects of that plan are critical to mitigating the impacts of these types of events. Clean, accurate contact information, knowing what channels you will be using and having the template layouts already created really saves a lot of time. Although elements will always be dynamic, having members of the team understanding their roles and responsibilities makes this type of recovery a lot calmer and more straightforward. The final element is regular rehearsals and working together to fine-tune how you will ensure communications are accurate, timely
39
| Professional in Payroll, Pensions and Reward |
Issue 99 | April 2024
Made with FlippingBook - Online magazine maker