ADVERTISEMENT
TechEconomy
Monday, June 2, 2025
No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
Podcast

Home » Investing in a Best-practice Cybersecurity Playbook is Essential for all Businesses 

Investing in a Best-practice Cybersecurity Playbook is Essential for all Businesses 

Writer: RICHARD FROST, Head of Consulting: Cybersecurity at Armata 

Techeconomy by Techeconomy
November 26, 2023
in Security
1
Richard Frost - Cybersecurity playbook
Richard Frost, Head of Consulting: Cybersecurity at Armata 

Richard Frost, Head of Consulting: Cybersecurity at Armata 

RelatedPosts

SMS Scams on the rise

SMS Scams Surge 73% | Data Finds Key Trends

June 2, 2025

IHS Nigeria Commissions 65 Patrol Vehicles to Enhance Telecoms Tower Site Security

June 2, 2025

The concept of a crisis and how to manage it isn’t foreign to anyone running a business. Something untoward happens, it affects the business and then there are a host of effects ranging from revenue loss, reputation management and compliance questions.

There is no doubt that doing everything possible to prevent the crisis in the first place and then having a very carefully drafted playbook to activate an appropriate crisis response places a business in a far more favourable position than if it had no plans in place and is reacting in the heat of the moment.

The very idea can give CEOs sleepless nights. Now, consider that we live in times where cyber-attacks are increasing at breakneck speed and that everyone is a potential target. It is plain as day that every business needs a cybersecurity playbook.

Typically, a playbook relates to things you want to standardise and in this instance, it refers to how a business prepares and shores up its defences, as well as how it standardised its incident response procedure according to best practice in a way that results in the least amount of damage to the business.

Some of the most well-known businesses in the world, including in South Africa, have fallen victim to breaches.

Even if the data damage was minor in the greater scheme of things, they have suffered immense reputational and regulatory damage in the form of fines.

Just who are these threat actors? There are those who are in it for the money alone, others who are state-sponsored, some are driven by ideology and some may even be disgruntled staff in your own organisation. In some of the most malicious attacks, competition businesses pay threat actors to bring down a business’s systems to benefit their own.

How do they achieve their goals? If you pay them a ransom, they make money. If you don’t, they will make money selling your data.

They become vindictive and will widely publicise the extent of your data breach. Of course, if you did pay a ransom you will be attacked again because the threat actor knows you pay.

Often, as Armata, when we are called in to do an assessment of an environment after a breach we find that the threat actors have built a backdoor for another attack at a future date. Most times, we find many more areas of vulnerability that no doubt sophisticated hackers would also have spotted.

With this in mind, let’s take a closer look at what a cybersecurity playbook entails. It is a blueprint on how to react to the crisis with a clearly defined procedure. The incident response team is only one aspect.

A proper computer security incident response team (CSIRT) process will include the C-suite and other vital team members, such as those who are responsible for the day-to-day operations, dealing with stakeholders and customers, someone from the legal department, the heads of IT and people who look after the various systems, and marketing and communications. The playbook has clearly defined functions and responsibilities for each of these people. 

By way of example, suppose there has been a ransomware attack. The response may look like this:

The attack has only locked us out of our systems, and we can concur that no data has been stolen. The only impact is that it has affected the running of the business and so we either need to restore our systems or pay a ransom.

Legal says, yes we have not lost data so we do not need to report to the regulator about a POPIA breach, but it is advisable to let them know that we have had a ransomware attack and that we are looking at bolstering our security to stop it from happening again.

The CEO asks what would happen if an employee lets the news out and the story gains legs of its own, and so suggests that the business announces the attack publicly, and frames it as a business-impacting event where no customer data was stolen and that it is business as usual pending the restoring of systems.

The communications and PR team drafts the statement and reactive holding statements and manage potential media enquiries.

The business then engages a cybersecurity expert business to come in and run pen tests, analyse the system, and make recommendations on beefing up security and fixing vulnerabilities, or to take over the duties of a managed services arrangement.

The above is only surface-level for illustrative processes but it is useful in explaining the scope of a cybersecurity playbook.

Every organisation should take a moment to look into its own cybersecurity strategy and incident playbook and make sure that it has invested the type of attention it deserves.

Consider that if an organisation is attacked and the regulator finds that it did not take all reasonable steps to protect its systems, it could fall foul of compliance and be liable for massive fines and reputational damage.

Whereas, if the business had been working with an expert partner, those questions would have already been dealt with and the incident response would have been managed correctly.

Always seek out a partner that has experience, across industries and organisation sizes, so that you can get the best possible advice and service to protect your organisation and your customers’ data.

Loading

Advertisements
MTN ADS

Author

  • Techeconomy
    Techeconomy

    View all posts
0Shares
Tags: Armatacybersecurity playbookPOPIARichard Frost
Previous Post

Moniepoint Advocates for More Thriving Hubs Outside of Lagos, Abuja

Next Post

Building Infrastructure that Allows the Remote Office to Thrive

Techeconomy

Techeconomy

Related Posts

SMS Scams on the rise
Security

SMS Scams Surge 73% | Data Finds Key Trends

by Joan Aimuengheuwa
June 2, 2025
0

Key Findings The brands that scammers imitate the most are USPS (15.43%), IRS (11.71%), and Amazon (7.71%)– over 170 other brands were identified....

Read more
IHS Nigeria and Tower sites security

IHS Nigeria Commissions 65 Patrol Vehicles to Enhance Telecoms Tower Site Security

June 2, 2025
Cyberdefence SensePost

SensePost debuts SecDevOps: A developer-oriented Security Training Course

May 29, 2025
Check Point to acquire Veriti

Check Point to Acquire Veriti Cybersecurity

May 28, 2025
Autonomous Cyber threats | Nigeria - Transparent Transformation, Bridging digital divide, Nigerian Businesses and cybersecurity by Oluwole Asalu

Nigeria Must Prepare for the Rise of Autonomous Cyber Threats

May 27, 2025
DDoS and NETSCOUT

Nigeria, Mali Lead West Africa in DDoS Attacks for Late 2024, Says NETSCOUT

May 27, 2025
Next Post
Remote Office

Building Infrastructure that Allows the Remote Office to Thrive

Comments 1

  1. Pingback: Beyond Contracts and Compliance: Building Trust in Security  | Tech | Business | Economy

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Techeconomy Podcast

Techeconomy Podcast
Techeconomy Podcast

Infowave is brought to you by TechEconomy. Every week we will bring new stories from startups and influencers who are shaping and changing the world we live in. We’ll also bring you reports on topics you should know.

Follow us @techeconomyng for more.

TECH TALK EPISODE 2
byTecheconomy

PRODUCTIVITY AND WORK-Life Balance

TECH TALK EPISODE 2
TECH TALK EPISODE 2
May 22, 2025
Techeconomy
CYBERSECURITY ESSENTIALS
April 24, 2025
Techeconomy
Digital Marketing Trends and strategies for 2025 and beyond
February 27, 2025
Techeconomy
Major Lesson for Techies in 2024 and Projections for 2025
December 6, 2024
Techeconomy
Major Lessons for Techies in an AI-Driven World | Techeconomy Business Series Highlights
November 26, 2024
Techeconomy
Maximizing Profitability Through Seasonal Sales: Strategies For Success
November 8, 2024
Techeconomy
Techeconomy Business Series
October 15, 2024
Techeconomy
PRIVACY IN THE ERA OF AI: GETTING YOUR BUSINESS READY
May 30, 2024
Techeconomy
Unravel the Secrets of Marketing Everywhere All At Once with Isaac Akanni from Infobip | Infowave Podcast Episode 1
February 9, 2024
Techeconomy
The Role of Ed-tech in Life Long Learning and Continuous Education
October 19, 2023
Techeconomy
Search Results placeholder

WHAT IS TRENDING

https://www.youtube.com/watch?v=g_MCUwS2woc&list=PL6bbK-xx1KbIgX-IzYdqISXq1pUsuA4dz

Follow Us

  • About Us
  • Contact Us
  • Careers
  • Privacy Policy

© 2025 Techeconomy - Designed by Opimedia.

No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS

© 2025 Techeconomy - Designed by Opimedia.

Translate »
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.