The company's finances

Right now, the electricity bill may be high on your list when you think about your business finances. We understand that very well. Unforeseen costs can be the hook in the door for many. That is one of the reasons why we wanted to write about this topic. Because what could actually be the consequences of a successful attack?

A cyber attack doesn't have to cost you anything then and there. It is rare that hackers actually get hold of the money for the business in the online bank. Even if they really want to. The costs usually start rolling in when the damage has already occurred. Because then you can be left without access to your booking system, your supplier lists and all information about your customers. Lost income, unforeseen costs and internal resources that have to be used to clean it up - all that costs money. You probably have to look out for necessary things such as IT assistance and legal help at the top. A large food manufacturer experienced this before Christmas last year. 

In December 2021, a large Norwegian food producer was attacked. That led to over two weeks of crisis management. When their annual report for 2021* came, we learned that it cost them NOK 36 million. This despite the fact that they had taken several preparatory measures to prevent attacks. Do you have more millions available to do the same? 

The reason we say this is to show that spending money on security measures today can save you millions tomorrow. Now we want to reveal the general advice we give to customers asking for assistance on digital security.

  • Gather an overview of where all your data is located. Categorize by most important to least important in this work.
  • Back up and store your data in at least three different locations.
  • Have a clear overview of who has access to the data. Do they know enough about security? Can they recognize a sly attempt at attack?
  • Create a disaster plan. How do you proceed if the worst were to happen? How do you take care of employees internally? How do you communicate with customers, suppliers and partners? What money is available for handling?
  • Prepare employees. Educate them. Let them be your best defense! See below for more tips.

What does it take to prevent data attacks?

Many hackers use people to get into your systems. Employees around the world accidentally press links and buttons they shouldn't. Therefore, 90% of all successful attacks occur due to human error. What will it take to prevent that from happening? 

  • Use two-factor authentication to protect user accounts, especially administrative rights.
  • Keep track, what you do not know about you can not do anything about.
  • Protect systems from malicious code, have security software on clients and servers.
  • Update systems regularly, serious vulnerabilities appear a lot every day.
  • Set up the systems according to the manufacturer's recommendations, with a view to safety as well as making it work.
  • Emails are often the starting point for attacks, have traffic filtering and train employees to detect fake emails.
  • Tell employees what measures you have taken should something happen. Let them take part in the planning.

The psychosocial repercussions

When a cyber attack is successful it can have ripple effects. You probably already knew that. But have you thought about how it affects the people in the situation? 

A computer attack leads to several days, weeks and months of crisis management and firefighting. For employees who during the day work with everything other than firefighting, it can be demanding to stand in. Stress, frustration, hopelessness and uncertainty are emotions that can arise. Some may also feel guilty for not discovering the attack sooner. Most people will think through their clicks and actions several weeks back. Whose fault is this for? Or did the hackers do it on their own?

Being under such great pressure is not healthy in the long run. Many will also become insecure in their workplace: Will my employer survive this? Will we handle the cost? When will people feel safe in their jobs again? And can I bear to continue in this position?

We recommend, as mentioned above, to have both a disaster plan available and a plan for how to communicate with employees in such a situation. In addition, we want you to prepare your employees to such an extent that they are self-confident in the face of hackers.

Give your employees the confidence to face cyber attacks

Give your people the opportunity to become part of your defense network. Make sure employees think about security a little bit every day, rather than once every six months. 

Inside the Braathe we have adopted a security learning platform for precisely this. It is being rolled out to customers these days as well. The CYBR platform is a learning arena where you learn everything you need about attacks and how to prevent them. We believe that this is an investment for the long term. Read more about the platform here.

 

The company's sustainability goals

What happens to the green shift and our own sustainability work in the face of cyber attacks? There are few answers to that, but we have taken the liberty of thinking up some scenarios. Most businesses have set green targets based on the UN's sustainability goals. Therefore, they have been our starting point:

Sustainability goals 8 and 9: A computer attack costs money and will not stimulate more jobs or a rich and innovative business life in the near future. It will also be a setback for many businesses when dealing with customers and suppliers. The climate accounts may also get red(er) numbers in the coming years because there is not enough money to follow up the green work.

Sustainability goals 3We know that a computer attack causes the people involved in the business a lot of stress and pressure. It can affect health and quality of life both in the short and long term. 

Sustainability goals 12Computer attacks can lead to increased use of material that would not otherwise be used. We see examples from well-known attacks that at times had to resort to pen and paper. That is, of course, in the worst cases.

Sustainability goals 13: The business can take several months and years to get back to where they were. It will affect all joints and may prevent the contribution to stopping climate change.

Our dream is that as few as possible should have to experience computer attacks. That is because the consequences can be fatal for many companies. And those are the companies we need in Norway. Jobs we want to see flourish. So we hope you take some precautions. The hackers attack indiscriminately, and there is nothing standing in the way of your company being next in line. They know that your values ​​usually lie in the information and data you have.

We hope the article was helpful - and don't hesitate to talk to us if you are unsure of how to proceed with your security work. Feel free to take a look at our page on security if you want to dive even further into the matter: We deliver security – Braathes security hub

*Annual report for 2021, Nortura