Have you simulated a hacker attack today?

Have you simulated a hacker attack today?
Have you simulated a hacker attack today?

I would like to propose a quick exercise: how many fire drills have you participated in during your professional life? “Numerous”, I imagine is the answer. Now I ask you: how many simulations of hacking attacks have you participated in? I guess the answer borders on “none”.

Preparing for emergencies is almost a natural movement. In a building where hundreds, sometimes thousands of people work, it is essential to carry out fire escape training to ensure that everyone is safe when evacuating the place. Anyone who has experienced a real fire situation can even argue that, at the time, it didn’t go exactly as planned, but I can guarantee that it would have been much more chaotic if there hadn’t been planning and step-by-step simulations.

With the growing number of cyber attacks, which affect from large corporations to people in their homes, through public agencies and governments, simulations of this type of threat should be more common. Investing in technology and teams to help with protection is extremely important, but leaders need to make sure that the entire infrastructure is efficient and that the chances of failure are minimal.

The issue of cybersecurity is already a reality in most companies. Many of them prepare lectures and training on the subject, but perhaps it is not enough. In an emergency or disaster, you can’t always count on people’s rationality, and that’s normal. Faced with a ransom demand of millions of reais, few people will be able to deal with the situation in a calm and resilient way, without having to make hasty decisions.

Keeping calm in the face of a ransom demand after systems are locked down requires training (Image: rawf8/Envato)

That’s why training becomes so essential. Together with your company’s team and technology leaders or IT support provider, put together a structured plan with the steps that need to be followed in an attack situation. Don’t let the plan die on paper: invite the entire company to participate in training sessions and carry them out periodically. It will be easier to notice loopholes in the system that could be the cause of a cybercriminal intrusion and remedy them in time. It also helps to detect potential issues, for example, attack surface monitoring, especially if your employees are in the home office or hybrid model.

You don’t have to start planning from scratch, on the internet you can find ready-made templates or even companies that offer this type of service. CISA, the US cybersecurity agency, for example, has a guide for situations like this with free or low-cost content.

Simulations are not fun at all and can seem like a waste of time. But much more time and money will be lost if companies fail to mitigate potential preventable risks.

*Article produced by a columnist exclusively for Canaltech. The text may contain opinions and analyzes that do not necessarily reflect Canaltech’s view on the matter.

The article is in Portuguese

Tags: simulated hacker attack today

NEXT see the predictions for your zodiac sign today, October 01, 2022