3 steps to deal with cyber-attacks and strengthen cyber resilience

At a glance

Motel One was the victim of a cyber-attack in which millions of customer and employee records, including personal data, invoice data and credit card data, were acquired without authorisation.

Motel One's data breach highlights the importance of robust data security measures

The Motel One hotel chain experienced a cyber-attack that resulted in the theft of personal data, including customers' names, postal addresses, payment methods and credit card details. This sensitive information found its way onto the darknet, where it can be used for phishing, extortion or identity theft.

A cyber-attack is inherently distressing and damages a company's credibility and the trust placed in it, even when the company is not directly responsible for the compromise. Motel One took immediate action, engaging a security provider and cooperating with the investigating and data protection authorities. According to the German newspaper Süddeutsche Zeitung, however, the hotel chain knew about the attack three weeks before it made a public statement.


What organisations can learn from the cyber-attack of Motel One

Despite the unfortunate incident, valuable lessons can be drawn from Motel One's experience. Firstly, organisations must strengthen their cybersecurity measures to defend against increasingly sophisticated threats. Secondly, they should respond to data breaches transparently and in compliance with the law, which preserves trust and builds resilience in the face of such events.


1. Cliché but true: make cybersecurity a top priority

In today's digital age, cybersecurity is not just a buzzword; it is essential to an organisation's survival. Attackers are becoming increasingly sophisticated, so it is crucial for businesses to establish robust cybersecurity measures to protect their data, reputation and bottom line.

So, if you haven't already done so, put a sophisticated cybersecurity strategy at the top of your organisation's agenda.

  • Implement an Information Security Management System (ISMS): An ISMS is a structured approach to identifying, assessing and treating information security risks, so that your organisation is equipped to handle threats before and when they materialise. The internationally recognised standard for an ISMS is ISO/IEC 27001, against which an organisation can have its ISMS certified.
  • Stay alert to new vulnerabilities and developments: The threat landscape is constantly evolving, and new vulnerabilities in widely used software are published every day. Staying ahead means tracking the advisories that affect the software you actually run, patching promptly and monitoring your own environment. Appointing a Chief Information Security Officer (CISO) gives this work an owner with the authority to act.
  • Seek external support: Outsourcing part of your cybersecurity responsibilities to a specialised firm can be a valuable strategy. Subject-matter experts can assess your existing measures, identify gaps and vulnerabilities, and implement tailored solutions to address them. This frees up internal resources while ensuring you have the expertise needed to keep pace with a changing threat landscape.


2. Training, training, training: Get your employees on board

In the ever-evolving realm of cybersecurity, human error remains a significant factor: according to a study by IBM, it contributes to over 95% of security breaches. This highlights the crucial role of employee training in bolstering an organisation's cybersecurity defences.

By investing in regular training, professional development, and seminars, you can empower your employees to become cyber-savvy individuals, capable of recognising and avoiding common phishing scams, malware attacks, and other cyber threats.

Practice Cyber Hygiene

Cyber hygiene refers to the regular practices and habits that individuals and organisations adopt to minimise their exposure to cyber threats. It is about cultivating a culture of cybersecurity awareness and embedding secure behaviours into everyday routines.

Think of the neural pathways in your brain as tracks. To produce the desired behaviour, these pathways must be deeply rooted. In practice, this means that cyber-secure behaviour must be repeated over and over again until the processes become automatic.

Embed cyber hygiene in daily routines

A good first step: encourage simple yet effective practices to become ingrained in your employees' daily routines:

  • Lock screens and secure laptops when unattended: Locking the screen takes a second, and locking the device away when leaving the office for the day prevents the simplest form of unauthorised access.
  • Practise strong password hygiene: Use strong, unique passwords for every account (a password manager makes this practical) and never share passwords with others.
  • Beware of suspicious links and attachments: Teach employees to treat unexpected emails and attachments with caution, even when the sender appears to be known, and to report them rather than quietly delete them.

Be creative without being overly controlling or negatively reinforcing.

In all of this, leaders should be the best role models when it comes to cybersecurity. They need to be trusted figures who are willing to self-reflect and improve their cyber behaviour.

You now know the steps you can take to strengthen your organisation's cybersecurity and reduce the risk of a successful attack. But how do you respond appropriately and compliantly if a data breach happens anyway?


3. Have a sophisticated incident response plan in place

If your organisation is attacked, a comprehensive, well-defined incident response plan that sets out what to do next makes the difference between a controlled response and improvisation under pressure.

Legal requirement for data breach disclosure

Under the GDPR (Article 33), a personal data breach must be reported to the competent supervisory authority within 72 hours of the organisation becoming aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals. The clock starts at awareness, not at the moment of the attack, and a report made after the deadline must be accompanied by the reasons for the delay. Where the breach is likely to result in a high risk to individuals, the affected individuals must also be informed without undue delay (Article 34). Examples of such risks include the potential for:

  • Loss of control over personal data
  • Identity theft
  • Financial loss

A breach need not be reported to the authority if it is unlikely to result in a risk to individuals, but every breach must still be documented internally, including its facts, its effects and the remedial action taken (Article 33(5)). If in doubt, inform the supervisory authority.

In general, an effective procedure for dealing with a cyber-attack includes the following steps:

  • Contain the incident immediately: Depending on its nature, isolate the affected systems, revoke or reset compromised credentials and cut off the attacker's access, while preserving logs and other evidence for the investigation. Bring in IT and security professionals straight away. Do not delete or wipe data before it has been preserved: that destroys evidence and may breach retention obligations.
  • Inform C-level and the CISO: Agree the next steps and who is responsible for each of them.
  • Notify affected parties and report the incident to the authorities: Gather all relevant information about the breach first, so that you can answer questions such as:
    • What type of breach has occurred?
    • What data is affected?
    • Who has been affected, and how many people?
    • What actions have already been taken?

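To make the notification rules above concrete, here is an added example (not from the original article, and not DataGuard's code) of a small triage helper that a privacy or security team could keep in its incident runbook. It assumes the risk assessment has already been made and encodes the points that are most often got wrong: the 72-hour clock starts at awareness, data subjects are informed only at the high-risk level, and an unreported breach is still documented. The dates in the demo are constructed.

```python
"""Breach-notification triage under GDPR Articles 33 and 34.

Added example, not part of the original article and not DataGuard's code.
Assumptions: the risk level has already been assessed by the privacy team
and is passed in as a Risk value; timestamps are timezone-aware.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional


class Risk(Enum):
    UNLIKELY = "unlikely to result in a risk"   # record internally only
    RISK = "risk to individuals"                # report to supervisory authority
    HIGH = "high risk to individuals"           # also inform the affected people


# Article 33: report to the authority within 72 hours of becoming aware.
NOTIFICATION_WINDOW = timedelta(hours=72)


@dataclass(frozen=True)
class TriageResult:
    notify_authority: bool
    notify_data_subjects: bool
    authority_deadline: Optional[datetime]
    overdue: bool
    # Article 33(5): every breach is documented, reported or not.
    must_document: bool = True


def triage(aware_at: datetime, risk: Risk, now: Optional[datetime] = None) -> TriageResult:
    """Decide who must be told and by when.

    The 72-hour clock starts when the controller becomes *aware* of the
    breach, not when the attack happened and not when the investigation
    is finished. A report after the deadline must give reasons for the delay.
    """
    if aware_at.tzinfo is None:
        # A naive timestamp makes the deadline ambiguous across time zones.
        raise ValueError("aware_at must be timezone-aware")
    now = now if now is not None else datetime.now(timezone.utc)
    notify_authority = risk is not Risk.UNLIKELY
    deadline = aware_at + NOTIFICATION_WINDOW if notify_authority else None
    return TriageResult(
        notify_authority=notify_authority,
        notify_data_subjects=(risk is Risk.HIGH),
        authority_deadline=deadline,
        overdue=(deadline is not None and now > deadline),
    )


if __name__ == "__main__":
    # Constructed scenario: card data confirmed exfiltrated, discovered on a
    # Friday morning; the deadline falls on Monday morning regardless of the
    # weekend. Dates are hypothetical.
    aware = datetime(2024, 3, 1, 9, 0, tzinfo=timezone.utc)
    result = triage(aware, Risk.HIGH, now=aware + timedelta(hours=20))
    print(f"report to authority by {result.authority_deadline:%Y-%m-%d %H:%M %Z}")
    print(f"inform data subjects: {result.notify_data_subjects}")
```

The helper deliberately refuses naive timestamps: a deadline recorded without a time zone is exactly the kind of ambiguity that turns a 71-hour report into a 73-hour one.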

Do you have a sophisticated erasure policy in place?

A data erasure policy gives a structured overview of which data may be erased, when, and which data must be retained for legal reasons (invoices for tax purposes, for example).

Data that has been erased on schedule cannot be stolen, so a policy that is actually enforced shrinks the impact of a breach. It also lets you state quickly and accurately which data was held when a breach occurs, and it demonstrates compliance with the storage-limitation principle of data protection law.
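As an added example (not from the original article, and not DataGuard's code) of what "enforced" means in practice, the following evaluator applies a retention schedule to an inventory of records and says which may be erased, which are blocked by a legal hold, and which the policy does not cover at all. The categories, retention periods, record ids and dates are hypothetical; real values come from your own legal basis for each processing activity and from national retention law.

```python
"""Retention and erasure policy evaluator.

Added example, not part of the original article and not DataGuard's code.
Assumptions: the data categories and retention periods below are
illustrative; real values come from the legal basis for each processing
activity and from national retention laws (for example tax law for invoices).
"""
from dataclasses import dataclass
from datetime import date, timedelta
from enum import Enum
from typing import Dict, Iterable, List


class Action(Enum):
    RETAIN = "retain"            # still inside its retention period
    LEGAL_HOLD = "legal hold"    # period expired, but a litigation/audit hold applies
    ERASE = "erase"              # period expired, nothing blocks erasure
    REVIEW = "review"            # category not covered by the policy: a gap, not a deletion


# Retention periods in days per data category (hypothetical figures).
RETENTION_DAYS: Dict[str, int] = {
    "invoice": 10 * 365,           # statutory retention for accounting records
    "guest_profile": 3 * 365,      # kept while the guest relationship is active
    "marketing_consent": 2 * 365,  # re-consent required after this period
    "card_authorisation": 0,       # full card data is not retained after authorisation
}


@dataclass(frozen=True)
class Record:
    record_id: str
    category: str
    clock_start: date        # the event that starts the retention clock, e.g. invoice date
    legal_hold: bool = False


def decide(record: Record, today: date) -> Action:
    """Apply the policy to one record and return the required action."""
    days = RETENTION_DAYS.get(record.category)
    if days is None:
        # Silent deletion of uncategorised data is worse than a finding.
        return Action.REVIEW
    if today < record.clock_start + timedelta(days=days):
        return Action.RETAIN
    if record.legal_hold:
        # A hold overrides the schedule until legal lifts it.
        return Action.LEGAL_HOLD
    return Action.ERASE


def plan(records: Iterable[Record], today: date) -> Dict[Action, List[str]]:
    """Group record ids by required action, for review before anything is executed."""
    result: Dict[Action, List[str]] = {action: [] for action in Action}
    for record in records:
        result[decide(record, today)].append(record.record_id)
    return result


# Constructed sample inventory (hypothetical ids and dates).
SAMPLE_RECORDS = [
    Record("inv-2012-0001", "invoice", date(2012, 4, 3)),
    Record("inv-2012-0002", "invoice", date(2012, 4, 3), legal_hold=True),
    Record("guest-8841", "guest_profile", date(2023, 6, 1)),
    Record("auth-77c1", "card_authorisation", date(2024, 1, 14)),
    Record("notes-19", "loyalty_notes", date(2019, 9, 9)),
]

if __name__ == "__main__":
    for action, ids in plan(SAMPLE_RECORDS, date(2024, 1, 15)).items():
        print(f"{action.value:>10}: {', '.join(ids) or '-'}")
```

The output is a plan, not an executed deletion: the erase list should be reviewed and then carried out by the system that owns the data, and the review list should be treated as a finding against the policy itself.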

Building resilience for the future

Cyber threats pose a constant challenge to organisations of all sizes. While these threats may seem daunting, there are practical steps you can take to strengthen your cybersecurity posture, prepare for data breaches and minimise their impact.

If you have any questions or need guidance on how the DataGuard ISO 27001 certification solution can help your company's cybersecurity needs, feel free to get in touch with our experts.


About the author

Boris Otterbach

Principal Privacy

Boris Otterbach is a lawyer and certified Data Protection Officer. At DataGuard, he supports clients as a Privacy Consultant, primarily in the areas of human resources, hospitality and gastronomy. In addition, he leads a team of lawyers and industry experts. During his studies, he gained deep insights into European law, international law and the field of human rights protection, in which data protection was a central aspect. For Boris, the GDPR stands for common European framework conditions to protect the people behind the data, and he aims to translate these framework conditions into pragmatic, everyday solutions. Before joining DataGuard, he gained in-depth experience in data protection at various companies, among them a large financial services provider and an international advertising agency.

Explore more articles

Contact Sales

See what DataGuard can do for you.

Find out how our Privacy, InfoSec and Compliance solutions can help you boost trust, reduce risks and drive revenue.

  • 100% success in ISO 27001 audits to date 
  • 40% total cost of ownership (TCO) reduction
  • A scalable easy-to-use web-based platform
  • Actionable business advice from in-house experts

Trusted by customers

Canon, Hyatt, Holiday Inn, Unicef, Veganz, Burger King, First Group, TOCA Social, Arri, K Line

Get to know DataGuard

Simplify compliance

  • External data protection officer
  • Audit of your privacy status-quo
  • Ongoing GDPR support from industry experts
  • Automate repetitive privacy tasks
  • Priority support during breaches and emergencies
  • Get a defensible GDPR position - fast!

  • Continuous support on your journey towards the certifications on ISO 27001 and TISAX®️, as well as NIS2 Compliance.
  • Benefit from 1:1 consulting
  • Set up an easy-to-use ISMS with our Info-Sec platform
  • Automatically generate mandatory policies
TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

  • Proactive support
  • Create essential documents and policies
  • Staff compliance training
  • Advice from industry experts

  • Comply with the EU Whistleblowing Directive
  • Centralised digital whistleblowing system
  • Fast implementation
  • Guidance from compliance experts
  • Transparent reporting

Let's talk