Close This site uses cookies. If you continue to use the site you agree to this. For more details please see our cookies policy.
Contact   |   Sign in   |   Subscribe

Search

Type your text, and hit enter to search:
SearchSearch Icon
Receive a
FREE copy!Subscribe to
Newsletter

Cyberthreats: An urgent issue for business 

CRJ’s Advisory Panel member Amanda Coleman takes a look at the communications challenges surrounding the recent ransomware cyberattack on Marks and Spencer in her latest blog for Under Pressure.

IMG
Image by Freepik

All businesses should be taking an extra look at their cyberattack response and communication plans in light of the ransomware incident that Marks and Spencer (M&S) is dealing with in the UK. Sky News recently reported M&S said customers’ personal data was also taken by the hackers.

There has been a lot of debate about the communication response from the high street brand. In reality, we are not going to know whether the response was good enough or not until we see how things develop. I have avoided declaring it adequate or not owing to the fact that the effects will make themselves obvious as the days pass.

One thing the company does appear to have failed to do is consider ongoing consequences stemming from the attack. For instance, when they told agency warehouse staff not to come into work, and this quickly became another story in the attack saga. Why this matters to me is that the effect on people is a critical thing to respond to, whether it is inside the business or outside it. This includes suppliers, agencies and distributors. However, no further communication came from the company.

Similar attacks have haunted commercial entities such as the Co-op and Harrods. Even as M&S was battling a cyberattack, the Co-op was telling staff to ensure videos of internal work meetings were kept on record.

It is likely that the approach taken by M&S when tackling this attack is one that has been tried or is being tried by other businesses. The reality is that hackers will see an opportunity to exploit, and more can be expected. This is an important reminder that cyberattacks are a top risk and must be planned and prepared for.

The European Union Agency for Cybersecurity (Enisa) said this week that there was an increasing cybersecurity risk across Europe; that it was rapidly changing and was a particular problem within interconnected supply chains.

So, as communicators, what do we need to do? For starters, we must ensure that we are in discussions about cyber resilience and that we are questioning whether current approaches and plans are sufficient. Then we must test those plans and consider what wider implications they could have on connected groups and individuals. After that, we must prioritise internal communication regarding how to maintain cybersecurity and what staff should be vigilant about. It is important to keep up with the latest threats – the National Cyber Resilience Centre in the UK provides a lot of information and updates for businesses. Finally, businesses should not wait to get prepared.

The threat is here, and it is real.

Read the original article here.

    Tweet       Post       Post
LoginRegister
Oops! Not a subscriber?

This content is available to subscribers only. Click here to subscribe now.

If you already have a subscription, then login here.