Cyber attack contingency plans should be put on paper, firms told

Cyber attack contingency plans should be put on paper, firms told

A cyber attack stalled production at Jaguar Land Rover factories in September, including at their Solihull site (pictured, file photo)

The warning comes as the National Cyber-Security Centre (NCSC) reported an increase in nationally significant attacks this year.

A recent spate of hacks has highlighted the chaos that can ensue when hackers take computer systems down.

The government has written to chief executives across the country strongly recommending that they should have physical copies of their plans at the ready as a precaution.

People should plan for potential cyber-attacks by going back to pen and paper, according to the latest advice.

Criminal hacks on Marks and Spencer, The Co-op and Jaguar Land Rover have led to empty shelves and production lines being halted this year as the companies struggled without their computer systems.

Organisations need to "have a plan for how they would continue to operate without their IT, (and rebuild that IT at pace), were an attack to get through," said Richard Horne, chief executive of the NCSC.

Firms are being urged to look beyond cyber-security controls toward a strategy known as "resilience engineering", which focuses on building systems that can anticipate, absorb, recover, and adapt, in the event of an attack.

Plans should be stored in paper form or offline, the agency suggests and include information about how teams will communicate without work email and other analogue work arounds.

... continue reading