3 steps to prepare for inevitable cyber attacks in 2023 

Five key steps to ensure that you get it right the first time.
Home 9 Thought Leadership 9 3 steps to prepare for inevitable cyber attacks in 2023 

In 2023, cyber security breaches are inevitable. In this blog, Systal Security Solutions’ VP of Professional Services Mark Clegg explains the 3 vital steps your organisation should take to prepare, respond, and recover from cyber attacks.

Cyber Attacks in 2023: It’s not “If”, it’s “When” 

It is currently accepted that, when it comes to businesses suffering a cyber incident, it’s not if it will happen, but more accurately when it will happen. The prevalence of attacks and ease of access to methods of attack, together with ever-expanding attack surfaces, provides considerable opportunities for your organisation to suffer from cyber security breaches. 

According to the UK Government’s 2022 Cyber Security Breaches Survey, 39% of UK businesses reported a cyber security breach or attack in the previous 12 months, with the survey findings also suggesting this percentage may be higher as “less cyber mature organisations may be underreporting.”   

While these statistics are open to (mis)interpretation, they highlight a prevalence of breaches and attacks at a scale and level of concern for which organisations need to prepare responses. As recent and constant news reports have illustrated, organisations of all sizes and profiles are potential targets for would-be attackers.

3 Steps to Plan, Prepare, Respond, and Recover 

As part of your organisation’s 2023 Defence-In-Depth (DiD) approach to cyber security, you need to allocate adequate energies towards how to plan, prepare, respond, and recover from cyber security attacks.  

Whilst Systal offer a tailored incident response approach with bespoke recommendations to meet individual business needs, there are 3 general steps that any organisation can and should take to prepare for the threat of cyber security breaches: 

Step 1: Assess existing response plans  

To start, assess your organisation’s existing cyber security response plans and playbooks. For example, this might include: 

  • Your processes for reporting suspected attacks 
  • How you assess the severity of attacks 
  • How you escalate to higher management 
  • Your existing processes for stemming attacks 
  • How you communicate attacks with relevant stakeholders 

At this stage, your business would also greatly benefit from assessing its incident response team compositions and evaluating them against industry-recognised best practice. 

Step 2: Develop and test incident response arrangements  

Having assessed current plans and playbooks, Step 2 involves developing arrangements to an appropriate level for your organisation. All staff who are involved in incident response must be fully aware of their roles, and all plans should be validated through progressive testing, appropriate to the current maturity levels of your responding teams.  

The results from these tests are invaluable. They will highlight gaps in your plans, procedures, technologies and team skills. Crucially, this will all be tested in a safe and controlled manner, allowing your organisation to subsequently develop action plans to close these gaps.  

Step 3: Address gaps and build ‘muscle memory’ response 

Finally, step 3 involves properly addressing those gaps. Doing so effectively will build confidence and organisational response ‘muscle memory’. Since the overall aim of this process is to reduce the impact of potential incidents when they occur, this will help your organisation ensure a more efficient and prompt response and recovery. 

Systal’s Incident Response Planning & Testing Services 

Here at Systal, our Incident Response Planning & Testing service helps you prepare your response and recovery from any security incident.  

Our team of industry experts will work closely with you to test your organisation’s internal security incident response capabilities to design and deliver bespoke recommendations which meet your individual business needs. This tailored and detailed incident response approach will give you increased confidence in your security response and recovery capabilities. 

For more information, contact us using the form below for a no-obligation consultation with me or one of our cyber security experts.  



Home 9 Thought Leadership 9 3 steps to prepare for inevitable cyber attacks in 2023 
Post Incident Recovery

Post Incident Recovery

Recovering from a cybersecurity incident can be a challenging and stressful time for any company. Naturally, there will be a strong desire to return to normal business operations as quickly as possible, but it is vitally important that post containment recovery is a...

Infrastructure as Code: Is the Command Line now dead?

Infrastructure as Code: Is the Command Line now dead?

Infrastructure as Code: Is the Command Line now dead? As a network engineer, I have had my fair share of cabling racks, puzzling over server rack mount kits and losing time (and skin) battling with a stubborn cage nut over the past 20+ years. But for the past few...

Get in touch to discuss a bespoke solutions package

Contact us