Notice: The information in this report is a synopsis of the source articles.  For in depth information please refer to the source cited at the end of each article.


Date: 1 April 2021

Title:  Hacked companies had backup plans. But they didn’t print them out before the attack.

National Cyber Security Centre (NCSC) reports that senior corporate executives still aren’t taking cybersecurity seriously, leaving organizations vulnerable to cyberattacks – with executives only paying attention after things have gone bad.  What organizations need to learn, it is that this is the kind of threat they need to think about. This is the kind of thing that should be as much a regular feature in risk conversations in board rooms as legal risk or financial risk – the CEO see the CISO as often as they see the financial director.  Even if an organization thinks it has a plan in place, things can still go wrong if some basic elements aren’t taken care of.

The NCSC offers tools like Exercise-in-a-Box and cybersecurity guidance for boardrooms to help organizations think about cyberattacks. Exercise-in-a-Box, for example, allows organizations to test their network defenses against real cyberattack scenarios and take lessons on how to improve their security from that.

Boardrooms should be involved when it comes to contingency planning against cyberattacks – they’re more likely to understand the potential threats if they’re discussed not as a technical problem, but a problem with risk, in a similar way to how they’d consider financial risk or legal risk.  It’s the same as any sensible contingency planning. It’s worth thinking through what’s the worst possible scenario, what’s the thing that could go wrong that you need to manage.

What to do?

Develop a cyber risk analysis and recovery plan

Use tools to evaluate your vulnerability to cyberattacks

Ensure your anti-virus and anti-malware software is operational and up to date.

What can you do to when this happens to you?

If you find your network has been compromised immediately shut down and find the source of the breach.

Take steps to mitigate any virus or malware

If data has been compromised and/or exfiltrated notify all interested parties.

Rebuild the network from a known clean backup


Hacked companies had backup plans. But they didn’t print them out before the attack. | ZDNet

 Danny Palmer April 1, 2021