The UK is set to leave the European Union at the end of October. If a no-deal Brexit occurs, there may be heightened risk of disruption both before and after the current Brexit date.
Periods of uncertainty can give malicious actors increased opportunities to take advantage of the disruption. In the run up to the Brexit deadline, firms should consider implementing additional measures to help protect against digital disruption and any cybersecurity issues that might arise..
How cyber-prepared are you for the Brexit period? Below are a number of considerations which Irish businesses can take.
Assess which threats to your business are likely to be heightened during the Brexit period, ranging from insider threats, DDOS attack, or malware injection. Take the appropriate actions based on the key risks you have identified.
Send communications to your internal users to apply vigilance during the period, and remind them of their end user security obligations and training. Also consider sending timely security awareness notifications to your customers.
As part of Brexit reporting to Senior Management, Irish businesses should consider adding cybersecurity to the agenda, outlining the measures being taken, and establish a protocol to notify them in the event of an incident.
Irish businesses should ensure they have identified the key personnel, and ensure their availability during the period, including 3rd parties. Also consider that Brexit occurs during half-term, a common annual-leave week.
Consider what measures third parties are taking to protect themselves during the period. Firms may outline what reporting is required from third parties to satisfy themselves that key risks are being managed and that events will be reported.
Security teams should consider whether the right monitoring is in place to identify events during the period. An increased risk profile may drive increased activities on the network, making sure the right level of monitoring is in place is crucial.