May 22nd 2024
The National Cyber Security Centre has released new guidance for organisations experiencing ransomware attacks and their support partners.
It aims to minimise the impact of these incidents by reducing business disruption, ransom payments, and the size of ransoms paid.
The guidance puts an emphasis on understanding the implications of paying a ransom and readiness to handle incidents effectively. Here are some of the main takeaways from the guidance:
- Review alternatives before deciding to pay a ransom Minimise
- Develop incident management processes and preventive measures.
- Consult Experts – engage insurers, NCSC and report the incident to the ICO and other relevant authorities
- Payment Risks: Understand that payment does not guarantee data recovery.
Having a tested, working and up to date business continuity plan can help to keep your business running in the face of attacks as well as providing ways to back up and recover lost data.
We have guidance and templates for business continuity plans, as well as an audit tool to support providers to test the viability of their plans which you can find here: https://buff.ly/3wNLeG1
Completing the Data Security and Protection Toolkit (a self assessment tool care providers can use to ensure they have good data and cyber security practices) can also help to keep your data safe.
Resources:
- We have free guidance and policy templates to complete the DSPT here: https://buff.ly/44jWc2g
- As well as free 1-2-1 support from Local Support Organisations in your area: https://buff.ly/3xwTjit
- See our guidance on how to handle a data breach here: https://buff.ly/3wIG2Dx
Read the full report by the National Cyber Security Centre here: https://buff.ly/4bjRBzQ
View all News