On the day that the Business Continuity Institute launched its latest Cyber Resilience Report, the importance of ensuring our organizations are prepared for a cyber security incident has once again been demonstrated as a new ransomware attack is causing turmoil across the world.
The attack, dubbed NotPetya due to its similarities to a previous virus called Petya, has resulted in organizations worldwide having their data encrypted, with a demand made for the equivalent of about $300 to be paid in Bitcoin.
NotPetya uses the same exploit that allowed WannaCry to spread so rapidly, but is thought to have found additional ways to infect new systems. It is not yet known how computers originally became infected, but it does not appear to be via email.
This particular attack was first reported in Ukraine where the state power company and Kiev's main airport were both affected, but it has now spread to many other countries including the US, UK, France, Russia and India.
Business continuity can be key to minimising the impact of such an attack and can make a real difference during any kind of emergency, crisis or disruption. It is what makes an organization resilient, ready to respond and carry on, even amid difficult circumstances. Yet business continuity cannot be improvised. It requires specialised and trained staff as well, as the support of everyone within an organization.
Having specialised and trained business continuity staff with the ability and resources to develop, implement and maintain a business continuity plan, will help organizations identify the risks they face and key operational areas that need to be prioritised during a crisis.
"We need to learn from these experiences," said David Thorp, Executive Director at the BCI. "It is clear that the cyber threat is not going away any time soon, so organizations must do more to make sure they can respond to them effectively and prevent them from becoming a crisis."