FTI Journal
FTI Journal | Critical Thinking at the Critical Time
 

Your Network Goes Dark. What Should You Do?

Your Network Goes Dark. What Should You Do?

Kyung Kim, Head of Cybersecurity for FTI Consulting’s APAC region, looks at the three steps you can take today to reduce the chances of the unthinkable: a paralyzed network and an IT team that can’t be reached.

C

ompanies around the world have seen their workforces relocate en masse from office spaces to home. With this decentralized workforce comes a vast set of new concerns for IT departments. They’re tasked with maintaining the integrity of internal networks and firewalls while a surge of remote employees attempt to log in from afar.

But there’s another tech scenario that sends a shiver down the backs of all companies, from the smallest start-up to the biggest multinational: The network stops responding and the IT team, arguably the most critical of all departments in a moment like this, is inaccessible. Suddenly, employees are left adrift. Employees are unable to do their jobs. Customers are lost. Profits evaporate. Soon, the company is on the verge of going belly up.

That scenario may be an exaggeration. But the consequences of a paralyzed network and an unreachable IT department are why all companies need to have the infrastructure in place so that if the unthinkable does occur, remedial action can begin immediately. The key is to be proactive so you are in the best position to be reactive.

Here are three actions companies can take to be prepared:

1. Have a “Team B” ready to go.

In 2019, more than 200,000 organizations reported being hacked in a ransomware attack, a 41 percent increase over the previous year. Ransomware attacks are designed to hold a company’s network hostage with a demand for payment to release it. While it might be unusual for hackers to target the IT department itself, it’s always best to have protocols in place for a rapid response to attack, including a backup IT team you can reach. This could be people who have been selected in-house, or it can be an outside cybersecurity firm (or a combination).

2. Identify the culprit and upgrade the network.

An unresponsive network sometimes results from a technical issue such as hardware failure or a problem at the ISP. However, these are highly unusual. If a ransomware attack does occur, or any other cyber attack for that matter, firms should follow a strict set of protocols: Preserve evidence, conduct a forensic investigation, and identify and contain the bad actors. Following these protocols during the first 72 hours after a cyber incident is critical.

Once malware is contained and the network is restored, IT needs to go back to the drawing board and update and upgrade its operations. They need to make sure their vulnerabilities are mitigated, which can be done through penetration testing, and they need to update their protocols and company policies to reflect their findings.

3. Train employees to be proactive.

A firm’s cybersecurity is only as strong as its weakest link. That means that employees, the most important and most valuable asset companies have, must be as hypervigilant about protecting their digital identities as IT — even if a company employs an endpoint detection and response (EDR) solution.

Fortunately, the home office is a zone that employees can control and prepare to combat cyber threats. Standard steps include creating and updating passwords for Wi-Fi routers and computers regularly; utilizing multifactor authentication (MFA) across personal devices; and using company-approved virtual private networks (VPNs) for internal communications. Encrypted email solutions are also recommended.

A decentralized workforce has placed an added strain on IT teams everywhere. By having a firm set of protocols in place, companies can mitigate the potentially painful consequences of disruption and give the full enterprise a greater sense of security.

 

Published July 2020

© Copyright 2020. The views expressed herein are those of the author and do not necessarily represent the views of FTI Consulting, Inc. or its other professionals.

About The Author


Kyung Kim
kyung.kim@fticonsulting.com
Head of Cybersecurity, APAC
Forensic & Litigation Consulting
FTI Consulting

Share This

Related Articles

Latest Articles

  • Investors, Start Your Engines
    Investors, Start Your Engines
    The FTI Journal’s series looking at opportunities for private equity in distressed M&A in the COVID-19 era continues with a snapshot of the automotive industry.
  • A Radically Changing Landscape
    A Radically Changing Landscape
    The FTI Journal continues its look at opportunities for private equity in distressed M&A given the pandemic-affected economy. Here is a snapshot of industrials.
  • Now is the Time for Companies to Strengthen their Approach to ESG and Sustainability
    Now is the Time for Companies to Strengthen their Approach to ESG and Sustainability
    Environmental, social and governance (ESG) criteria have become a focal point for companies, especially as COVID-19 highlights the importance of overlooked social factors. Fortunately, there are steps organizations can take to enhance ESG and sustainability performance while demonstrating how they put their values to work.

Related Articles

Latest Articles

  • Investors, Start Your Engines
    Investors, Start Your Engines
    The FTI Journal’s series looking at opportunities for private equity in distressed M&A in the COVID-19 era continues with a snapshot of the automotive industry.
  • A Radically Changing Landscape
    A Radically Changing Landscape
    The FTI Journal continues its look at opportunities for private equity in distressed M&A given the pandemic-affected economy. Here is a snapshot of industrials.
  • Now is the Time for Companies to Strengthen their Approach to ESG and Sustainability
    Now is the Time for Companies to Strengthen their Approach to ESG and Sustainability
    Environmental, social and governance (ESG) criteria have become a focal point for companies, especially as COVID-19 highlights the importance of overlooked social factors. Fortunately, there are steps organizations can take to enhance ESG and sustainability performance while demonstrating how they put their values to work.
It looks like you're enjoying this article. If you'd like to receive email updates from the FTI Journal, please consider subscribing.
The views expressed in this article(s) are those of the author and not necessarily those of FTI Consulting, Inc., or its professionals.
©Copyright, FTI Consulting, Inc., 2012. All rights reserved.

https://ftijournal.com/article/network-goes-dark-what-should-you-do