
Comment: NCSC and ICO aim to dispel common misconceptions that can discourage organisations from reporting a cyber attack

May 2023 by Dr Darren Williams, CEO of BlackFog

A “post from the NCSC and ICO aims to dispel common misconceptions that can discourage organisations from reporting a cyber attack

NCSC and ICO are concerned about incidents going unreported, which denies organisations the opportunity to learn from them and prevent future attacks. Advice on best practice offered to help organisations understand their responsibilities and the risk to their data and reputation.”

Dr Darren Williams, CEO of BlackFog, notes that “Delayed reporting has become very common as organisations attempt to stay out of the headlines and shed the cyberattack stigma. The reality, however, is that sweeping a data breach under the carpet isn’t a viable option. IT leaders must be prepared to report any successful cyberattacks and quickly execute damage control measures.

Organisations with robust incident response plans and good communication can limit damage and prevent a catastrophic hit to their reputation, as the sooner organisations announce a data breach, the faster law enforcement can respond and help guide the situation towards resolution. Most business leaders would immediately call the police if their headquarters was ransacked, yet when their digital assets are stolen by cybercriminals, they hesitate.

While prevention is key to good cybersecurity policy, security leaders must also be aware of the fact that there is a strong chance that hackers will break through their defenses at some point. Deep, multi-layered cybersecurity defenses make it more likely cybercriminals leave tracks for law enforcement agencies to follow, and with data being the ultimate prize for cybercriminals, adding an ADX solution that has been designed to prevent the exfiltration of data has become a necessity to prevent breaches.

It’s also important to remember that regulators won’t be fooled. Most countries have very clear policies that stipulate what is required for organizations who are victims of cyberattacks, with many, including CISA and GDPR, requiring notification within 72 hours.

Delayed reporting will be discovered by regulators eventually. There is no such thing as a secret when it comes to ransomware. If it’s on the internet it can be discovered by anyone. In fact, BlackFog collects this data on a daily basis and often knows of the attack before the victim has even been notified. The best approach is always full disclosure as soon as possible to limit the damage and any fallout from the attack.”

