As the festive season approaches more people will start logging off work for Christmas and that includes cyber security professionals who need a well-earned break. But cybercriminals know that when organisations are understaffed or team members have their minds on other things, that’s the perfect time to strike.

So, what can organisations do to prepare for this two- or three-week stretch when they might be more vulnerable than usual? As always, having excellent cyber hygiene in place is the best policy to reduce the chances of a cyber-attack getting through your defences. Good preparation is essential to get your organisation in the best possible shape in case the worst does happen.

By doing the basics brilliantly, you’ll go a long way to reducing the chances of succumbing to a cyber incident because financially motivated criminals preferably want easier targets with a low risk of being caught and a high reward. Making your defences difficult to get through should deter them. That said, you need to prepare for the worst-case scenario.

Here is our advice on the top three sets of actions to take to get ready for the festive season:

1. Before a cyber incident

• Implement strong password policies: use complex, unique passwords and enable multi-factor authentication (MFA)
• Regularly update software: keep all systems and software up to date with the latest security patches
• Employee training: train employees on cyber security awareness and best practices
• Data backup and recovery: back up critical data and ensure backups are secure and easily recoverable
• Incident response plan: prepare a well-documented incident response plan, test it, and have it to hand as a paper copy
• Be extra cautious with emails: cybercriminals often use phishing emails that look like they come from legitimate sources; be wary of any email that asks for personal information or contains links and attachments, or presses you to act urgently.

2. During a cyber incident

• Incident response plan: run through your plan as you practised before the day
• Containment: contact cyber security experts to manage the incident and isolate affected systems to prevent the attack from spreading
• Communication: establish clear communication protocols to inform relevant internal and external stakeholders, and your cyber insurance company
• Monitor for further threats: keep a close watch on your network for any signs of additional threats or suspicious activity.

3. After a cyber incident

• Post-incident analysis: conduct a thorough review to understand the cause and impact of the incident
• Improve security measures: update security policies and controls based on lessons learned from the incident
• Review and update policies: ensure all cyber security policies are up to date and reflect the latest best practices and regulatory requirements
• Enhance monitoring and detection: Invest in advanced monitoring tools, such as Clarity Defend, Clarity Extend or Clarity Protect, to detect suspicious activities early and respond promptly.

What to do in the event of a cyber-attack

If you’ve been hit by a cyber-attack, you need to move fast. Follow these crucial Cyber Incident Responder’s dos and don’ts to help you take the correct immediate actions and know what to avoid.

By embracing these essential guidelines, you can turn potential cyber chaos into a well-orchestrated response, and navigate digital threats with confidence and precision throughout this holiday season.

If you believe you’re experiencing a cyber incident right now, please call our Incident Response team on +44 333 444 0041 (UK) or +1-813-896-0496 (US) and we’ll help you right away.

Discover more about Quorum Cyber

Our Security Operations Centre (SOC) team, which spans the UK and North America, holds the fort 24/7, 365 days a year, including Christmas Day and New Year’s Day. We know that cybercriminals never rest – so neither do we. Our sole purpose is to protect organisations in any sector every minute of every day.

Get in touch if you would like to discuss how we can minimise the chances of a cyber incident damaging your business – every day of the year.