Secure Business

IT incident management

Small and medium-sized businesses are far from being immune to IT incidents. Sometimes the consequences can be disastrous.

Take for example a paralysis lasting several days of a company because of the total shutdown of its computers and production machines caused by cryptoware (a computer virus that has the particularity of encrypting computers in a network in order to obtain a ransom for unlocking them).

Be prepared

  • Ask yourself what kind of situation could cause damage to your business. Some companies may work very well with their website blocked, others may not. This step is what is known as Risk Assessment.

  • Establish an action plan to respond to incidents. The best thing is to have a detailed plan per type of incident, with a clear description of the roles and responsibilities of each person involved.

  • Test at least one of these plans annually to train your employees on how to react in such situations. Often it is a lack of experience that gives rise to mishaps that are best avoided in these times of crisis.

  • After each test, analyse how your teams responded and update the plan.

  • Remember to involve your communications team and your legal department when creating and testing the plan. 

  • Involve your employees so that, at the very least, they are aware of the existence of these plans. Get them to participate in the tests as much as possible.

For more detailed information on IT incident management, we recommend you read the guide drafted by the Belgian Cyber ​​Security Coalition, of which ING Belgium is a member. 

One last important tip

Always keep a copy of IT incident management plans outside of your computer system, in case it becomes inaccessible following an incident.