How do you communicate through cyber threats?

by Georgina Hall

March 10, 2020

Corporate Communications

Not so long ago, I visited a Sydney bar and was told I couldn’t order any drinks because the bar’s transaction terminals had crashed.

Strange, I thought. Surely, in this day and age, bar staff can operate independently of systems and use a cashbox and price list from somewhere!

This bar could not.

If there had been a back-up system, the business could have continued as usual, admittedly at a slower pace, but continued, nonetheless.

While the temporary closure of a Sydney bar is ‘small beer’ when compared to the scale and consequences of Toll’s recent breach, there are a few common threads.

Australia’s Cyber Security Research Centre CEO Rachael Falk says, “the key to knowing whether your organisation is cyber resilient is to be able to answer one very basic question; if key systems are no longer available, can essential data be made available to the extent required to carry on your business?”

It seems that both Toll and the Sydney watering hole failed that test.

Contrast that with Maersk, the Danish conglomerate that represents one fifth of the world’s shipping capacity. Maersk had to revert to pen and paper to fulfill orders after its systems became compromised by the NotPetya cyberattack, which struck in 2017. 

It took Maersk just 10 days to rebuild its entire international network of 4,000 servers and 45,000 PCs, an effort Maersk Chair Jim Hagemann Snabe described as “heroic” and testament to Maersk’s “human resilience”. The ‘human resilience’ to which Mr Snabe refers or, as Rachael Falk calls it, “cyber resilience”, needs to become an essential component of every organisation’s contingency plan.

Cyber resilience can only be achieved by cultivating two things: first, the technical know-how and the systems and processes necessary for the rapid retrieval of essential data from alternative sources; and second, a culture of trust and open communication with customers, suppliers and other key stakeholders.

Under Armour is a good example of this.

When Under Armour’s 150-million-user MyFitnessPal was breached in 2018, the company was praised for its response.

Firstly, the company found out about the breach very quickly, mostly as a result of its strong external relationships. The internal trust that had been built allowed the company to respond promptly to the threat.

Secondly, Under Armour’s general preparedness, which involved transparent and honest relationships between the company’s leadership as well as the product, engineering, IT and security teams, meant relevant information could be shared quickly and responsibility assigned to the right people.

Finally, Under Armour’s well-articulated mission statement helped focus its team.

“When you have complete clarity of purpose, focus and leadership, you can get anything done,” Under Armour Senior Vice President Toke Vandervoort said at the time.

Key steps for companies when managing their cyber risk:

1. Be prepared. Acknowledge that cyberattacks are now a fact of life. That means preparing for the worst, even if the worst never eventuates. 

2. Be proactive. Both Under Armour and Maersk contacted their customers and stakeholders immediately following the breach – and well before the media came knocking.

Companies need to be prepared so that when a breach or an attack does occur, it’s a bump in the road rather than a full-blown crisis.

Find out more

If you would like to add to this conversation, please email Georgina Hall at Apollo Communications.