What happens if no card payments can be made? What will you do when over the country, all payment systems are down indefinitely? The question is not if but when, this situation arises. Is it "cash is king" that applies then? And if we go one step further - how well prepared are organizations and companies for similar situations in the event of a hacker attack or similar? If there was a crisis, would your company be able to handle the situation?
In the Swedish Television SVT's new program series "Samhällskollaps", (translated: Social collapse) Sweden's preparedness is tested through simulations of various social crises. Central executives such as former Swedish Prime Minister Carl Bildt, chief executive officer at the Swedish Civil Contingencies Agency (MSB) Camilla Asp, and head of security at the Swedish Trade federation Per Geijer among others, are faced with dealing with the simulated crises. Among other things, the scenario of how Sweden would act if faced with a massive hacker attack aimed at the payment system, that knocks out the entire Swedish population's opportunities to pay electronically, is treated.
But security means knowledge of all threats and risks and how they can be prevented and avoided - not just regarding our payment systems. Security is necessary for companies and organizations safety and for survival in the long run. What threatens security and survival is a security threat and needs to be treated as such. What are the potential vulnerabilities in your organization regarding cyber threats, hacker attacks and digital security breaches?
Security is necessary for companies and organizations safety and for survival in the long run.
If the results of the risks are calculated, and an organization's ability to manage and get through them (both internal or external issues), these can then be summed up to the company's vulnerability. Vulnerability is present in all companies more or less, and therefore active security thinking is required in all organizations - large and small, public as well as private. These risk and vulnerability analyzes are one way to get a better idea of what the risks and the vulnerabilities are. This is a work that is never completed, an ongoing process. Swedish Civil Contingencies Agency (MSB), among others, are heavy advocates for keepingtrack of your risks, abilities and vulnerabilities and offers guidance in the matter.
One might think that it should come natural to think, that if you are responsible for a company under normal and functioning conditions, then you are also responsible during a crisis situations of various kinds. But some may still need to think once or twice abaout this - what is the routine for your company, what is being done today, and what to do in the event of, for example, a digital security breach? As the person responsible for an organization, you also have the responsibility to prevent and anticipate. This means that even before the crisis comes, you know how it is to be handled - which affected parties are to be notified, what is to be done and by whom. Thinking before always pays off in the long run! Working preventively creates security, gives a good reputation and builds a strong brand.
Thinking before always pays off in the long run!
So what happens to your business if you get hacked - "what to do", so to speak? Although some organizations often manage to deal with and ward off some minor incidents on a daily basis, larger and coordinated resources are needed to deal with a more serious attack. By working with risk and vulnerability analyzes, one can see how the situation is right now and analyze what can happen and what ability the organization then has to handle these potential threats. By then working continuously with the risks and building up strategies, policies and plans for dealing with different types of interruptions in the business, the company can be well prepared and may even prevent an attack from happening all togehter! You can also visit MSB's webpage for example, to get some helpful tips and pointers on what to do.
Practicing crisis management in the event of, for example a simulated data breach, is very effective. Companies should practice both internally, but also together with external parties. Practice builds security - you know better how to act when it really matters. It makes it possible to identify and develop roles and responsibilities given in controlled ways, and a good basis for cooperation is strengthened. Safety and security always needs to be prioritized, it always pays in the long run.
Farsight is a Swedish IT development partner that makes people and organizations grow! We are your ”go-to-guys” regarding all your IT systems, technology and IT-security subject matters. At the same time, we are local community builders and ensue a sound labour market and good ethics. Our business is all about finding clever solutions for secure access, management and communication of business-critical information.