2023, the year of Digital Business Attacks?

If you've not read Richard Torrenzano/s co-authored book from 2011 that said the standard digital reaction time wad eight hours to react to a digital compromise of a website was 8 hours then you'll probably not be shocked that now companies have two hours to react.

In the current landscape, all businesses are faced with elevated levels of risk, as evidenced by the heightened discussions among boards and the dramatic increase in corporate insurance rates.

With the advent of a 24/7 media environment, the distinction between traditional media and digital platforms has become increasingly blurred, rendering them virtually indistinguishable.

Stakeholders including customers, competitors, employees, advocacy groups, unions, investors, regulators, vendors, and the media have instant access to any content, regardless of whether it has been authorised by the business or not.

Given this scenario, it is imperative that boards and leaders have a sound understanding of three potential crisis scenarios in 2023: cyberattacks, unauthorised leaks, and political missteps.

In the event of such unexpected occurrences, prior strategies and plans may prove insufficient. Those who are inadequately prepared will face severe consequences, lasting longer than mere moments of embarrassment. As such, it is advisable to discard previous crisis plans, as they may not be effective in 2023.

Cyberattacks pose a significant challenge for companies, having the potential to drain budgets, cause disruptions to business operations, and threaten their reputation. And whether you are big or small, it really doesn't matter now, we're all in the scope of vision.

Cyberattacks can originate from external sources such as criminal syndicates, foreign competitors, and state actors who seek to steal or destroy valuable data, financial assets, and intellectual property. The motives behind these attacks may range from disruption, extortion, ransom, retaliation, denial of service, or merely demonstrating their attack capabilities.

Additionally, the reputation of a company may also be targeted by cyberattacks from trolls and activists, aimed at key leaders or boards. Conflicts with labour or advocacy groups, product or service liability, damage to brand or reputation, and operational errors, compounded by poor information gathering and communication, may also contribute to such attacks.

Furthermore, current or former employees who are dissatisfied may carry out cyberattacks from within the company, driven by motives such as retaliation over disagreements, commercial espionage, and personal financial gain.

Time is against you

The significance of prompt action has only increased in recent times, with the rapid acceleration of cyberattacks and leaks. We now live in an era of the (two-hour digital day.) In the fast-paced, mobile world we inhabit today, a company has a limited window of one or two hours to respond to a cyberattack or leaked sensitive information. Any delay or contradictory statements, written in legalese or unintelligible language, can lead to disastrous consequences.

Sadly, many corporate cultures are not equipped to deal with the demands of operating at the speed of the digital world, with business leaders and their advisors ill-prepared to respond promptly. SMEs - maybe... there's a small chance...