Three ways to outpace new cyber laws
Cyber extortion remains a pervasive threat, and payment of a ransom demand remains the least viable (and least reliable) response.
Mandatory ransom reporting does not legalise ransom payments, ameliorate a ransom attack or meet heightened policy and public expectations.
De-risk the ransom threat with a carefully considered and thoroughly tested risk-based approach to ransom payment decision making and planning.
De-risk ransom
New restrictions on how cyber agencies use information inform just one part of cyber crisis communications strategy.
In a significant cyber incident, your stakeholder list is long, and requires a scale of communications and legal infrastructure that is rarely built into crisis response plans.
Build and test your capability to confidently communicate with cyber agencies, regulators, government, the media, customers, and the public, without creating further down-stream reputation or legal risks.
Managing cyber risk is now a normal part of doing business – this means understanding that a breach is a case of "when", not "if".
Understand the evolving expectations of regulators, and measure your cyber maturity against them.
Streamline and co-ordinate cyber crisis comms
Outpace regulator expectations before your next incident
3
2
1
De-risk ransom
1
Streamline and co-ordinate cyber crisis comms
2