Cybercrime is today’s version of a bank heist, except the bad guys are trying to crack open the digital vault with access to millions of pockets at once. Cyberattacks, according to the Center for Strategic and International Studies, cost the global economy a whopping $445 billion a year.
Given that the majority of the nation’s credit and debit card transactions are processed in Georgia, it’s easy to see why the area might be a beachhead for financial cyberwarfare. As an international gateway, Atlanta – with its businesses, technological centers and research institutions like Georgia Tech – must lead in developing cybercrime responses, banding together to protect economic growth across the region.
The breaches at Atlanta-based Home Depot and at Target, Michaels and P.F. Chang’s are well-known, but companies of all sizes are vulnerable. According to the Ponemon Institute’s 2014 Cost of Data Breach Study, a data breach costs a company an average of $3.5 million, 15 percent more than in 2013. For a growing company, a breach can hurt financially or even be fatal. It can also cause significant and lasting reputational harm.
As managing director of the Atlanta office of Bank of the West, a subsidiary of BNP Paribas, I’m invested in helping the business community with cybercrime responses. Working with David Pollino, our chief fraud prevention 0fficer, we recommend the following guidelines:
• Create a plan. Incident Response Plans provide an overarching approach to managing incidents your business may experience, such as a leak of customer information, prolonged website outage or smokescreen attack used to hide the real fraud. A distributed denial of service attack, for instance, bombards a network to the point of crashing the website. But such an attack can also act as a diversion to hide the real crime. The plan should be available at a moment's notice in both electronic and printed form.
• Identify stakeholders. Include representatives from IT, finance, legal, communications, senior management and many others. Indicate at which point each person needs to be informed, with current contact and social media information, such as Twitter handles. Provide key executives with access to emergency infrastructure like satellite phones to ensure open communication lines.
• Develop proactive communications. What to say, when and to whom is essential in any crisis and can have a material impact on the reputation and financial well-being of your business. Far in advance of an event, draft a communications plan that will serve as a foundation for engagement with your stakeholders – such as clients, media and the public.
• Consider external partners. It is unlikely your business will go it alone in a breach. Pre-negotiate with potential partners like identity theft monitoring services, forensic consultants and outside legal counsel before disaster strikes, so you'll have maximum leverage and can marshal support on short notice.
• Test tools regularly. Itemizing the tools that will investigate, mitigate and quantify a potential incident will better prepare your business for future threats and strengthen your incident response plan. But testing the plan is as essential as creating it. Conduct an initial drill to see if the plan is complete and functional, and then schedule follow-up drills – ideally quarterly, but at least annually – to improve it.
Cyberattacks come in many shapes and sizes. Advance planning can make an incident a much more manageable experience for your business, your team members and, most importantly, your customers.
Christopher Torie is managing director of the Atlanta office of Bank of the West.
