In the world of IT, those on the front lines of an organization under cyberattack experience an intense form of stress. The stakes are high as these professionals race to prevent the loss of sensitive data or intellectual property–or to prevent the company from going dark. For a hospital, that can mean life or death.
When the WannaCry ransomware attack hit the National Health Service (NHS) in the UK last year, chaos ensued with hospitals and clinics going offline and patient care being disrupted. Quoting Dan Taylor, head of NHS Digital, who spoke at the recent CYBERUK conference, ZDNet writes, “We don’t deal in the bottom line, it isn’t about balance sheets, it’s about patient care and you have to have that focus.” Taylor credited the fact that they had a plan in place as the key element that helped ground them so they could focus on addressing the situation.
When the Houses of Parliament were targeted in the UK last year, the head of identity management for Parliamentary Digital, Yochana Henderson, felt something similar. Even though the attack was thwarted, her team was on high alert, looking at where they could be hit next. ZDNet writes, “It soon became clear the attackers knew they were being watched. ‘They knew that we knew, so they ramped up their attack against us,’ Henderson said.”
One side effect of the stress was that it sparked a sense of competition and a deeper commitment to protect the organization. Quoting Henderson again, ZDNet reports, “If someone is attacking you, you take it personally. Reputationally, you’re thinking about your organisation and you want to win.”
In both situations, the teams were simultaneously working to resolve the crisis while looking at what to prioritize to safely keep their organizations functioning. Their advice: Expect a breach; create and test a response plan; and be sure to follow process.
Get the full story at ZDNet.