{"id":22530,"date":"2025-02-10T14:42:07","date_gmt":"2025-02-10T14:42:07","guid":{"rendered":"https:\/\/interface.media\/?p=22530"},"modified":"2025-02-10T14:42:14","modified_gmt":"2025-02-10T14:42:14","slug":"how-to-minimise-the-impact-of-a-cyber-attack","status":"publish","type":"post","link":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/","title":{"rendered":"How to minimise the impact of a cyber attack\u00a0"},"content":{"rendered":"\n<p>Last year saw a number of high profile cases of businesses falling victim to cyber attacks, with financial as well as reputational implications. According to government <a href=\"https:\/\/www.gov.uk\/government\/statistics\/cyber-security-breaches-survey-2024\/cyber-security-breaches-survey-2024#:~:text=Identification%20of%20cyber%20security%20breaches%20and%20attacks&amp;text=Half%20of%20businesses%20(50%25),comparisons%20between%202023%20and%202024.\" target=\"_blank\" rel=\"noreferrer noopener\">data<\/a>, 50% of all businesses have experienced some form of cyber security breach or attack in the last 12 months \u2013 and with the likelihood of this trend increasing into 2025, preparing for such an event is vital for businesses of all sizes. Yet, the reality is that even with the best prevention strategies in place, there is currently no guaranteed way of avoiding the risk altogether.\u00a0<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-create-a-robust-crisis-plan-nbsp\"><strong><em>Create a robust crisis plan&nbsp;<\/em><\/strong><\/h3>\n\n\n\n<p>The first step in preparing for what to do in the event of a cyber attack is putting together a clear plan of action. This plan should outline different potential scenarios and make clear who is responsible for leading the response across your business.&nbsp;<\/p>\n\n\n\n<p>When doing this it helps to think like a hacker. In what ways might a cyber criminal try to harm your organisation? How will this impact IT, legal, finance, communications, HR, or other departments? It is likely that a successful attack will impact most divisions of the organisation in some way. They all need to be aware of the plan and understand their role. Appointing a specific individual within each department to take the lead and be capable of forming a response team in the event of a threat can help.\u00a0<\/p>\n\n\n\n<p>It is important that every person involved in the plan understands the implications of an attack and why these preparations and their involvement is necessary. Getting their buy-in from the beginning will ensure that everyone is aligned and working together when needed. You can help them to take charge in these scenarios by advising them on what they can do to minimise the impact of the attack. You should list theses steps clearly on your crisis management strategy, with the owner of each action and their contact details shared across the crisis response team.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-test-the-plan-nbsp\"><strong><em>Test the plan&nbsp;<\/em><\/strong><\/h3>\n\n\n\n<p>Everybody should be comfortable and familiar with the steps they need to take. So, once the strategy is finalised and approved, it should be <a href=\"https:\/\/interface.media\/blog\/2024\/12\/02\/gamifying-cybersecurity-in-a-rapidly-evolving-threat-landscape\/\">rigorously tested<\/a>. Much like companies run regular fire drills, the crisis management strategy should be trialled and rehearsed so that it becomes second nature in the event of a real attack.\u00a0<\/p>\n\n\n\n<p>Each person on the strategy should also make sure they have prior approval to conduct any of the actions they might need to take. This may include legal approval, pre-authorised spend caps or written agreement from the CEO that a Chief Information Security Officer (CISO), or similar individual, can take charge if difficult decisions need taking in the event of a threat.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-clear-communication-is-key-nbsp\"><strong><em>Clear communication is key&nbsp;<\/em><\/strong><\/h3>\n\n\n\n<p>At the recent Probrand IT Expo, Jon Staniforth, former CISO at the Royal Mail, spoke about his experience of a ransomware attack. He described the \u2018insatiable\u2019 appetite for communications from many different parties at the time of the attack, with everyone requiring information to suit a different agenda. He explained that handling these communications was the most time-consuming element of his role in the early days of the crisis, occupying 50-70% of his focus. Jon went on to create a dedicated communications team to work with the various stakeholders across PR, corporate communications and public affairs throughout the attack, ensuring the right messaging was getting out in a timely manner, without detracting him from his own role.&nbsp;<\/p>\n\n\n\n<p>Knowing what to communicate, when and to whom is vital during a crisis. Yet, in the moment, it can be easy to get this wrong and say too much \u2013 or too little. Preparing clear messaging in advance and sticking to approved statements in the event of an attack can help to minimise the impact on your business&#8217;s reputation. Working with your organisation\u2019s communications team to align on a strategy, as well as investing in any media training to rehearse real-life scenarios can help to create a clear process if and when the time comes.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-remember-the-importance-of-wellbeing\"><strong><em>Remember the importance of wellbeing<\/em><\/strong><\/h3>\n\n\n\n<p>Looking after your own wellbeing \u2013 and that of your team \u2013 can fall to the bottom of the priority list when a crisis hits, but it should be a top priority. Reflecting on his crisis, Jon explained that he was working 20 hour days in the first week of the attack, doing whatever it took to understand the scale and scope of the damage. But this can become unsustainable as the work to repair the damage of an attack can span many weeks and months. To tackle this in the future, Jon suggested he would appoint a dedicated wellbeing officer whose sole responsibility is to care for the physical and mental wellbeing of the team handling the crisis.&nbsp;<\/p>\n\n\n\n<p>It is often in the nature of IT teams to get involved and be curious about major events such as these, and many will volunteer to work through the night to get to the root of the problem. Jon explained that part of his role was sometimes to ask people not to get involved and for the benefit of their own wellbeing ensure they stay in their work streams. Segmenting teams and fixing accountability to specific people for pre-determined tasks can also help to keep the process as efficient as possible.&nbsp;<\/p>\n\n\n\n<p>Handling any kind of crisis is undoubtedly fraught and difficult, but implementing a clear plan in advance and sticking to it in the moment can help to minimise the impact of an attack, not only on the business but on your own wellbeing. If you are currently <a href=\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/\">preparing your IT strategy for 2025<\/a>, taking some time to prepare for a crisis, and then testing your response at regular intervals, will pay off in the long run.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack. <\/p>\n","protected":false},"author":480,"featured_media":22531,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"apple_news_api_created_at":"2025-02-10T14:42:12Z","apple_news_api_id":"615d8416-5ed9-43ed-8bfc-1f5366825a39","apple_news_api_modified_at":"2025-02-10T14:42:12Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/AYV2EFl7ZQ-2L_B9TZoJaOQ","apple_news_cover_media_provider":"image","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_cover_video_id":0,"apple_news_cover_video_url":"","apple_news_cover_embedwebvideo_url":"","apple_news_is_hidden":"","apple_news_is_paid":"","apple_news_is_preview":"","apple_news_is_sponsored":"","apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":[],"apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[3],"tags":[],"topic":[613],"class_list":["post-22530","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-interface","topic-cybersecurity"],"acf":[],"apple_news_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.6 (Yoast SEO v26.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to minimise the impact of a cyber attack\u00a0 - Interface<\/title>\n<meta name=\"description\" content=\"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to minimise the impact of a cyber attack\u00a0\" \/>\n<meta property=\"og:description\" content=\"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Interface\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-10T14:42:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-10T14:42:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1254\" \/>\n\t<meta property=\"og:image:height\" content=\"836\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Dan Brightmore\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dan Brightmore\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/\",\"url\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/\",\"name\":\"How to minimise the impact of a cyber attack\u00a0 - Interface\",\"isPartOf\":{\"@id\":\"https:\/\/interface.media\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg\",\"datePublished\":\"2025-02-10T14:42:07+00:00\",\"dateModified\":\"2025-02-10T14:42:14+00:00\",\"author\":{\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\"},\"description\":\"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.\",\"breadcrumb\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage\",\"url\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg\",\"contentUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg\",\"width\":1254,\"height\":836,\"caption\":\"High-speed lightbulb exploding glass shattering black background\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/interface.media\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to minimise the impact of a cyber attack\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/interface.media\/#website\",\"url\":\"https:\/\/interface.media\/\",\"name\":\"Interface\",\"description\":\"Delivering World Class Content \u201cFrom Executive, For Executive\u201c\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/interface.media\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\",\"name\":\"Dan Brightmore\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"caption\":\"Dan Brightmore\"},\"url\":\"https:\/\/interface.media\/blog\/author\/dbrightmore\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to minimise the impact of a cyber attack\u00a0 - Interface","description":"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"How to minimise the impact of a cyber attack\u00a0","og_description":"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.","og_url":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/","og_site_name":"Interface","article_published_time":"2025-02-10T14:42:07+00:00","article_modified_time":"2025-02-10T14:42:14+00:00","og_image":[{"width":1254,"height":836,"url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg","type":"image\/jpeg"}],"author":"Dan Brightmore","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Dan Brightmore","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/","url":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/","name":"How to minimise the impact of a cyber attack\u00a0 - Interface","isPartOf":{"@id":"https:\/\/interface.media\/#website"},"primaryImageOfPage":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage"},"image":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg","datePublished":"2025-02-10T14:42:07+00:00","dateModified":"2025-02-10T14:42:14+00:00","author":{"@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748"},"description":"Richard Nelson, senior technical consultant at Probrand, walks you through creating and executing a plan to survive a cyber attack.","breadcrumb":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#primaryimage","url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg","contentUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-2155832389.jpg","width":1254,"height":836,"caption":"High-speed lightbulb exploding glass shattering black background"},{"@type":"BreadcrumbList","@id":"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/interface.media\/"},{"@type":"ListItem","position":2,"name":"How to minimise the impact of a cyber attack\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/interface.media\/#website","url":"https:\/\/interface.media\/","name":"Interface","description":"Delivering World Class Content \u201cFrom Executive, For Executive\u201c","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/interface.media\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748","name":"Dan Brightmore","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","caption":"Dan Brightmore"},"url":"https:\/\/interface.media\/blog\/author\/dbrightmore\/"}]}},"_links":{"self":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22530","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/users\/480"}],"replies":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/comments?post=22530"}],"version-history":[{"count":1,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22530\/revisions"}],"predecessor-version":[{"id":22532,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22530\/revisions\/22532"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media\/22531"}],"wp:attachment":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media?parent=22530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/categories?post=22530"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/tags?post=22530"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/topic?post=22530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}