How do you become a victim?
The Utrecht Archives has a public collection. In short, not interesting for cybercriminals, right? Nothing could be further from the truth: hackers search everywhere for information. This is how The Utrecht Archives also became a victim of a cyber breach. “Our data was held hostage by a ransomware group on the evening of March 10. The only file we still had access to was a GIF file containing the contact details of the ransomware group,” says Luuk.
And then?
The Utrecht Archives contacted KPMG, their partner in cybersecurity. Luuk (The Utrecht Archives) and Lars Jacobs (KPMG) explain in the video below what exactly happened and how they responded.
Essential lessons: safeguarding security
- Ensure an offline backup so that at least one backup remains accessible during a data breach.
- Contact external parties in advance who can help; doing so afterward costs more money and time (time you don’t have at that moment).
- Make the contact details of the external party available offline so that all internal team members know who to contact, even if they can no longer access the system.
- Outsource monitoring to an organization specialized in IT security.
- Create a playbook in case of a cyber breach, outlining the roles within the internal organization and the procedure for involving external parties, such as authorities or an IT security organization.
"People are a crucial element in cybersecurity."
Map out cyber risks
Not every organization has the budget to fully secure their data systems. Wim advises starting by identifying where the risks lie within the system.
Ask yourself these 4 questions:
What do I need to protect?
Every organization manages data or files that are crucial to protect. Personal data and financial data have the highest priority because they are the most vulnerable.
Can employees access the material?
“You can lock all doors, but if someone clicks on a phishing link, the hackers still get in,” explains Wim. By making confidential data accessible only to those in the company who actually work with it, you reduce this risk.
Do employees know how the IT systems work?
If the number of employees with access to confidential data is limited, it’s also important to ensure they know how the IT systems work. Regularly inform them about preventing data leaks and the importance of cybersecurity. Wim adds: “For example, an employee shouldn’t accidentally delete the backup, as that would still cause a problem. You need to keep informing them about this.”
How can I limit the impact of a cyber breach?
A cyber breach can happen to anyone, so it’s important to minimize its impact. For example, The Utrecht Archives now has an offline backup of their data. This allows them to quickly restore their files and ensures that the data cannot be held hostage. You might also consider spreading data across multiple servers to limit damage. The Utrecht Archives decided that monitoring on their own was too labor-intensive with their limited staff and now work closely with an external party.
Want to learn more about this topic? DEN researched cybersecurity in the cultural sector.
More articles per topic
