TT Club highlights the importance of robust cyber security risk management and urges boards and management to carry out thorough assessments, including analysing the integrity of safety critical data.
In fact, Peregrine Storrs-Fox, Risk Management Director of TT Club, explained that cyber risks can be defined as the risk of loss, damage or disruption from failure of electronic systems and technological networks.
In light of the above, Mr. Peregrine Storrs-Fox highlights a ‘top ten’ list of measures to mitigate cyber risks:
- Strengthen the ‘e-perimeter fence’ and ensure only approved software programmes can be run on systems and networks
- Ensure software patches are applied diligently and quickly
- Maintain effective anti-virus software and strong spam filtering
- Compartmentalise IT and OT infrastructure with the aim that an infected area can be isolated and quarantined
- Systematically back up key data regularly, including ensuring that the backup files are held offline
- Educate employees not to download malicious content, open unsecured web browsers or fall victim to social engineering attacks and phishing scams; train them to recognise and report threats
- Collaborate intra- and cross-industry to raise awareness and identify threat trends (including being open to increased information sharing)
- Develop a robust incident response plan, with a well-prepared and dedicated team having clear objectives
- Develop robust contingency plans, since preparation is key to resilience during or following an attack
- Be alert and expect the attack; it’s not if but when.