end-point
ANALYSIS attacks. Your systems may be shut down, your websites disabled, or transactions blocked.
The attack may disrupt online orders, contactless payments, and your click-and-collect services for days, weeks or even months, which depending on the severity could have a huge impact on profits.
Hackers may access personal customer data such as names, addresses, dates of birth, payment details or passwords. There could be operational disruptions with you needing to pause online orders and your stores may face empty shelves due to IT system changes and restoring your services may take time.
Reporting breaches to the regulators and essential next steps
Organisations experiencing a cyber incident may need to report it to the Information Commissioner’ s Office( ICO), especially if personal data has been compromised. The ICO’ s key reporting requirements outline that if the breach has a
‘ significant impact’, it must be reported to the ICO within 24 hours. Likewise, if personal data is affected, organisations must notify the ICO within 72 hours of becoming aware of the breach. In some cases, businesses may need to inform affected users and the wider public.
Organisations should also consider reporting incidents to the National Cyber Security Centre( NCSC), which provides cybersecurity guidance.
Cyberattacks, like the recent spate on the retail sector, highlight the growing need for businesses to bolster their defences against digital threats. There are several key steps retailers can take to protect themselves after a cyber incident, focusing on containment, investigation, and resilience-building:
• Immediate containment and incident response plan
Organisations should immediately isolate affected systems to prevent further spread while identifying
WWW. INTELLIGENTCISO. COM 73