
Cyberattacks: AFNOR organizes the defense

Not a week goes by without a company or institution falling victim to a cyberattack. The brand new AFNOR Spec 2208 guide details the steps to take to ensure business continuity and rebuild your information system. It's free!


The figures are frightening: according to the CESIN 2022 barometer, more than one in two French companies experienced at least one cyberattack in 2021. And each of these attacks results in a 27% loss of revenue! No economic player, large or small, public or private, is immune, nor should they turn a blind eye to what needs to be put in place to prevent attacks. At the time of writing, the hospital in Versailles has been hit hard! "The presence of ransomware often signals the end of an attack," warns Lionel Mourer, consultant-trainer for AFNOR Compétences, which provides training on managing a cyberattack.

AFNOR Spec 2208: a summary of best practices

More serious is the denial shown by business leaders regarding the risk of cyberattacks. According to the Eurogroup Consulting barometer, despite the media coverage of numerous attacks at the end of 2022, cyber risk ranks second to last in the risk perception rankings, with only 15.7% of executives surveyed citing it. "Nearly a third of large companies place it in the top three risks for 2023, compared to a minority of mid-sized companies and SMEs. This downgrading can be explained by both a lack of resources and an underestimation of the risk," comments Eurogroup Consulting. However, these smaller companies are the number one target for hackers: "The cybercriminal threat, and more specifically that linked to ransomware, continues, with a resurgence of activity at the end of 2022. It particularly affects microbusinesses, SMEs, and mid-sized companies (40% of ransomware cases handled or reported to ANSSI in 2022), local authorities (23%), and public health institutions (10%)," reports the French National Cybersecurity Agency (ANSSI) in its latest overview of cyber threats.

To help organizations prepare, AFNOR has published a guide entitled "Cyber resilience, IT system reconstruction, and business continuity in the event of a crippling cyberattack." Available free of charge in the AFNOR Editions collection under the title AFNOR Spec 2208, it brings together recommendations and best practices from around 40 organizations, many of which have experienced cyberattacks: SMEs, mid-sized companies, start-ups, large groups, hospitals, etc. "We needed recommendations on how to organize ourselves before and during an attack: how to assess the risk, what criteria to use to make decisions, what to prioritize to maintain service continuity, such as lighting in rooms and corridors," says Béatrice Bérard of the French Hospital Federation, one of the contributors.

AFNOR itself suffered a cyberattack that deprived it of its information system for several weeks in the spring of 2021. "Our biggest commitment after the attack was to invest in writing a guide to help companies that find themselves in this situation to cope," says Frédéric Leconte, Director of Information Systems at the AFNOR Group.

AFNOR Spec 2208: continuing operations and rebuilding the information system

This guide has just been published. It provides CIOs and CISOs with guidelines and operational recommendations for anticipating and responding to cyberattacks, depending on the nature of the business, its maturity (three levels are defined), and the organization's resources. "Cyberattacks can knock organizations out of action for long periods of time: several weeks or even months. We therefore started with the concept of a crippling cyberattack. This certainly raises the question of how to rebuild the information system after the event, but above all how to ensure business continuity over a long period of time in the absence of IT tools or in the presence of tools operating in degraded mode," explains Xavier Hartout, a consultant at Adenium BRG, who co-led the group of editors of the AFNOR guide. From this perspective, a business continuity plan (BCP) is the first thing to put in place. This guide explains how to build one and which actions to prioritize in degraded mode, such as paying salaries without payroll software. The idea is that a good BCP enables good resilience. The guide consists of four parts:

  1. Recommendations in the event of a crippling cyberattack
  2. Technical specifications for the reconstruction of the information system
  3. Recommendations for business continuity
  4. Recovery from crisis, feedback, and capitalization after a cyberattack

It includes several appendices: a summary of best practices, a cyber insurance subscription form, a summary guide for small businesses, and a form for triggering an IT continuity plan.

 

Cybersecurity figures for 2021 in France:

  • 54% of French companies attacked in 2021
  • +255% increase in ransomware attacks in 2020 compared to 2019
  • €50,000: the median cost of a cyberattack
  • An average loss of 27% of revenue in France

Source: https://www.stoik.io/cybersecurite/chiffres-cles
