#NSBCS.015 - Governing through a Cyber Crisis

Governing through a Cyber Crisis

What is the role of boards and directors in ensuring their businesses are cyber-secure? And more importantly, what role do they play during a cyber incident?

At NSB Cyber, we have been getting this question with increasing frequency as cybersecurity becomes a higher priority for many organisations. With the increase in cyber-attacks and heightened scrutiny from regulators and legislators, directors and boards must have a clear understanding of their responsibilities in cybersecurity to ensure the safety of their organisation.

The Australian Institute of Company Directors, the Cyber Security Cooperative Research Centre and Ashurst partnered to publish Governing Through a Cyber Crisis: Cyber Incident Response and Recovery for Australian Directors, providing a pragmatic framework for organisations to work towards stronger cyber resilience.

So, what is the Board’s role?

• Boards must be confident their organisation is ready for a significant cyber incident, by encouraging and facilitating comprehensive incident readiness planning

• Boards should prepare to actively engage in a cyber crisis, providing oversight and supporting management's key decisions and responses

• Boards must think ahead and contemplate the repercussions and risks of a significant cyber incident, including regulatory consequence

• Most importantly, Boards must be prepared, considering key areas of cybersecurity readiness, response, recovery and remediation

By taking an active role in cybersecurity, boards and directors can help their organisations prevent cyber-attacks and manage incidents with less disruption and loss – ensuring your organisation is taking #NoStepsBackward!

For information on NSB Cyber’s Cyber Resilience capabilities or to book a meeting with our team, click here.

What we read this week

• FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks - The FBI, CISA, and HHS have issued warnings regarding the resurgence of BlackCat ransomware attacks on the healthcare sector. This follows an administrator's call within the BlackCat group urging attacks on hospitals, with the sector being a predominant target since mid-December 2023.

• Chinese Cyberspies Launch Malware on Ivanti VPN - Recent reports have identified a campaign by Chinese threat actors utilizing new malware to compromise Ivanti VPN appliances, highlighting the critical need for system updates and vigilance against state-sponsored cyber activities.

• U-Haul Customer Data Breach - U-Haul reported a significant data breach affecting 67,000 customers, involving unauthorized access to a reservation tracking system. This breach underscores the ongoing risks associated with personal data and the importance of cybersecurity measures to protect customer information.

• Cencora's SEC Filing Reveals Data Breach - Cencora has publicly acknowledged a data breach where sensitive information was accessed. While operational integrity was reportedly maintained, the incident raises significant concerns regarding data security and corporate responsibility in reporting and addressing cybersecurity incidents.

• Canadian Authorities Investigate Cyberattacks on RCMP and Global Affairs - The Royal Canadian Mounted Police (RCMP) and Global Affairs Canada have been targeted by cyberattacks, prompting active investigations. These incidents highlight the increasing cybersecurity challenges facing government institutions and underscore the importance of enhancing security measures to protect sensitive information and infrastructure from such threats.

References

https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html
https://www.securityweek.com/chinese-cyberspies-use-new-malware-in-ivanti-vpn-attacks/
https://www.securityweek.com/67000-u-haul-customers-impacted-by-data-breach/
https://thecyberexpress.com/cencora-data-breach-confirmed/
https://www.securityweek.com/canadas-rcmp-global-affairs-hit-by-cyberattacks/