In 2014, one of the largest online marketplaces in the world, eBay, was hacked in what has come to be known as one of the biggest attacks in the almost two-century-long history of cybercrime (the first recorded act took place in the year 1820).
Granted, large institutions have been hacked before, but it is the manner in which eBay handled the attack that left the company in a maze of flaming embarrassment. For instance, eBay admitted to having withheld information regarding the attack for a long time, raising concerns
While this case might seem detached from the Kenyan economic landscape, the reality is far less comforting. In 2014 alone, Kenyan institutions experienced over 5.4 million attacks, a 108% leap from 2.6 million attacks in 2013, according to reports released by the Ministry of Information, Communications and Technology in July 2015.
With the continued increase in digital presence for both institutions and private citizens, and a mushrooming of insecure bandwidth providers amongst other vulnerabilities, cybercrime incidents are not only likely to increase, but their effect is likely to be much more dire.
In fact, the recently launched PwC Global Economic Crimes Survey 2016 has picked out cybercrime as one of Kenya’s most prevalent economic crimes. Cyber criminals are, or work with, your disgruntled customer, the errant employee who wants more than they are entitled to, or your contracted business affiliate.
More worryingly, your business could incur liability through association with a targeted business. All this makes cyber-attacks extremely difficult to foresee, much less protect against. But businesses can and should prepare to control the damage left in their wake.
Much has been said about regulations and capacity building on the part of both the government and the private sector. While these actions are likely to reduce the likelihood of an attack, they are not an ultimate guarantee of cyber safety.
The question, therefore, remains: how does a company prepare to avert or minimize the reputational and logistical nightmare that accompanies the typical cyber-attack? How do businesses ensure that they piece everything together in the least time possible and not only resume full business operations but also be in a position to digitally track down the attackers and bring them to book?
More importantly, how does a business cushion itself from repeat attacks as a result of vulnerabilities created in the first attack?
To answer these and other questions, businesses have to grapple with the need for an elaborate and comprehensive Business Continuity Plan. In the aftermath of an attack, full recovery often depends on both the speed and the precision of the response team. The plan should therefore state unequivocally every aspect of the business that could be affected in the event of a threat or attack, not just the technical ones.
Constituting a response team will require consideration of operational and human resource aspects, as attacks often involve employees. A legal team and a compliance team are critical both to ensure that response procedures do not contravene internal procedures or laws and to document both the restoration and the investigation for use in amending controls.
The communications team, on the other hand, will ensure that the business is in control of the information outflow and that all disclosures to relevant stakeholders are made.
In the digital age, almost every existing business is a potential cyberattack target. It is, therefore, high time to retrieve the Business Continuity drawing board and invest time and resources in devising a plan that can weather the evolving complexities of cybercrime.
Brenda Guchu – PwC Forensics Services Practice