adarma_logo_twgt-black[11615449]
adarma_logo_twgt-black[11615449]
Assessments
All Cybersecurity Assessments

Improve security maturity and capability while reducing risk
Cyber Maturity Assessment

Define, measure and improve your security posture
SOC Maturity Assessment

Understand and improve the capability and maturity of your SOC
SIEM Assessment

Your roadmap to increase the performance and value of your SIEM
Crisis Simulation Assessment

Stress-test your organisation’s cyber response capability

Latest Insights

Cyber Insiders is a cybersecurity podcast by Adarma.
Podcast
Nov 2

Cyber Insiders Podcast: Liz Banbury on Safeguarding Critical National Infrastructure
Threat Intelligence Exposure Management
Detection & Response
Managed SOC

Delivering today’s capability, while staying adaptable for tomorrow’s threat
Microsoft MDR Solution

Maximise the potential of your Microsoft E5 License
SOC Engineering

We help design, build, and integrate the security operations capability you need
Incident Response

Intelligence-led preparation, practice and real-world cyber incident response
Socket Platform
About Us
We Are Adarma

Your partner for effective cyber threat management
ESG

Protecting the promise of cyber resilience
Partners

Working in partnership to make the world a safer place
Careers

Become a Cyber Defender
Contact Us

Get in touch today
Insights
Cyber Hub
Cyber Insiders
News & Blog
SIEM Transformation
Future-Ready SOC Report
SecOps Excellence
Events
Share:
August 1, 2024

Turn Crisis into an Opportunity – A Guide for Business Leaders Navigating Cyber Disruptions

By Eduard Doroskevic, Principal Consultant at Adarma

Regardless of the location, industry, and size, running a business is hard; and whilst, technology can boost a business’s profitability, it can also hinder it. Considering the recent worldwide information technology meltdown, this blog seeks to help business leaders derive value from the crisis by navigating the consequences of this unfortunate event. 

Finance

Financial stability is essential for any business operation. So, naturally, we ought to start our assessment by examining the financial impact on the organisation. Here, we want to focus our attention on the following three key questions: 

  • What revenue was lost?  
  • What did it cost? 
  • What is the breakdown? 

 

The above will help estimate the resilience of your business. By answering the above, you will learn what the financial impact on your business was relative to the disruption caused by the incident. Unfortunately, this type of incident can have a variable but persistent effect over time. As such, it is wise to monitor the business’s financial performance before, during, and after the incident.  

Governance

All businesses require structured governance. These rules define how a business operates to achieve its mission within its market and the legal environment. A major disruption to the business operation can be a signal to re-evaluate these rules. With this in mind, we want to understand what rules were used to govern the response to the incident. So, ask yourself the following:  

  • What policies, standards, and guidelines informed your response? 
  • What communication channels were involved? 
  • What processes were activated to get the business back up and running? 

 

It is important to stay focused and avoid overcomplicating the situation. Remember, our goal is to align governance with the incident. A full governance re-evaluation may be unnecessary, but by answering the questions above, you can determine if the existing rules enabled an adequate response under challenging operational conditions.

Risk Management

Every business has limited resources, so to be effective and efficient, it helps to have a methodology that can guide prioritisation and resource allocation decisions. In this instance, we want to explore the following questions: 

  • Did the company anticipate the risk? If so, what was the evaluation of the risk? 
  • What controls were in scope, and did they deliver value? 
  • If you have an insurance policy, what coverage does it offer? 

 

It is time to be honest and lead the way forward by learning from both the present and the past. Incidents like the recent worldwide IT outage are rare and unpredictable. While we cannot foresee the future with complete certainty, we can seize this crisis as a chance to refine our decision-making methodology and enhance the associated processes.  

Compliance

There are two sets of rules to consider: the governance rules you choose to adopt, and the mandatory rules and costs associated with competing in business, which include statutory, regulatory, and contractual compliance. We must therefore ask ourselves: 

  • Did the company or its partners breach any statutory, regulatory, or contractual requirements? 

 

Your business does not exist in isolation, it operates within a complex legal environment and faces intense market pressures. Now is not the time to let your guard down.  You need to stay vigilant and manage the immediate challenges effectively. Once these are addressed, take the time to assess your business’s structural resilience in relation to the current environment.  

People

Artificial intelligence may one day take over the world, but for now we still largely rely on people. Therefore, we need to closely examine our workforce. Here are some questions to get you started: 

  • How did the workforce respond to this incident? 
  • Who was involved in finding a solution? 
  • Who assumed a leadership role during the crisis? 

 

Business products and services depend heavily on technology and occasional failures are inevitable. During a crisis, having access to the right people is crucial. It’s important to observe your workforce’s response both during and after the incident.  

Embracing change is key for strengthening and adapting your business to make it more resilient. Each crisis presents an opportunity for growth and improvement. You should leverage these challenges to enhance your capabilities to derive value, ensuring that you emerge even better prepared for the future ahead. 

We Are Adarma

Adarma provides customised cybersecurity solutions to assist businesses in achieving future-ready cyber resilience. Our approach enables organisations to decrease cyber risks by implementing effective threat intelligence, exposure management, and detection and response capabilities. We offer tailored threat intelligence, technological solutions, and strategic advisory that cater to our customers’ specific security requirements and business goals.  

Our expertise guarantees a balanced approach between security and operational efficiency, safeguarding our customers’ most crucial infrastructure and data. Discover our tailored services and find out why we are the preferred security partner for FTSE 350 firms.

Contact Us