On a more general level, The Norwegian Business and Industry Security Council (Næringslivets sikkerhetsråd) issued a security survey report in September 2016. The report shows that among the 1500 organizations who participated, 27 % had experienced undesirable security incidents during the last year. 4 out of 10 incidents were reported to have led to loss in production.
According to The Norwegian Center for Information Security (NorSIS) there are three groups of cyber-attacks to consider:
- Espionage and intelligence
- Do you have confidential information that may be interesting to outsiders or competitors?
- Sabotage of critical infrastructure
- Do you have services that depend on IT-systems? This can be simple things like PayPal, banking services, IP phone services or files saved in the cloud. Both services that you provide to your customers and third party services you rely on to provide your own services may be vulnerable.
- How would your business be impacted if outsiders took control over parts of your production line?
- Fake news or reputational attacks
- What happens if information about your business is released to the public as if it was orchestrated by yourselves?
- How would you handle an incident where someone connects your company name to values you wouldn’t like to be associated with?
Could any of the above have a potential impact your business?
Plan ahead, don’t be taken by surprise!