| Link(s): | ABI, BIBA, IUA with NCSC help reduce ransom harm – NCSC.GOV.UK NCSC guide to help businesses facing ransomware demands (biba.org.uk) |
Context
The NCSC has published, in conjunction with the Association of British Insurers (ABI), British Insurance Brokers’ Association (BIBA) and International Underwriting Association (IUA) new guidance which aims to help organisations faced with ransomware demands minimise disruption and the cost of an incident.
Key points to note and next actions
A cyber ransom-attack is one of any business’ greatest risks to their ability to trade regardless of size or sector. Developed from a NCSC-sponsored research paper by the Royal United Services Institute (RUSI), the best practice guidance sets out recommendations that aim to empower organisations and associated third parties to make informed decisions when faced with ransomware, and ultimately help minimise the disruption and cost of an incident.
The guidance provides practical help to plan and respond in a crisis and encourages firms to consider other approaches to responding to a cyber-attack ahead of ransom payments, in conjunction with any outsourced IT to ensure a joined-up response. Firms should also consider assessment of business impact, reporting protocols, and where to access sources of support. Many small businesses still don’t expect to be a victim of a cyber-attack, but should bear in mind that cyber-criminals will assess not how valuable a business is but how vulnerable they are.
Additional NCSC guidance and information are also available.