As the Managing Director of SEESA, I recently experienced firsthand the devastating impact of a coordinated cyber-attack on our organisation. It was a Friday evening when the head of IT delivered the chilling news: SEESA had become the target of a malicious ransomware attack. Our entire IT infrastructure was compromised, millions of confidential client records were at risk, and operations across the company were grinding to a halt.
In moments like these, clear thinking and decisive action are paramount. We immediately activated our disaster recovery protocols, collaborating closely with our trusted IT partners, Velocity Technology Group and Intelys. Despite our best efforts, the recovery process was fraught with challenges as new threats emerged, threatening to derail our efforts at every turn.
Throughout the ordeal, one principle guided us: the value of clear and precise communication, rooted in strong relationships. We understood the stakes—not just in terms of lost work and operational disruptions, but also the potential erosion of client trust and reputational damage to SEESA as a compliance partner. Transparency became our shield against uncertainty, as we kept both our staff and clients informed, never shying away from sharing the details of our situation.
Our team worked tirelessly to bring systems back online, battling fatigue and the ever-present risk of oversight. The resilience they displayed was nothing short of inspiring. Despite the challenges, we managed to minimise the impact on our clients. While our business operations were interrupted for three days, thanks to a full restore and repair effort, the disruption to over 33,000 clients was barely noticeable. Importantly, no client data was compromised—a testament to our robust cybersecurity measures and proactive planning.
Reflecting on this experience, several key lessons emerged:
1. Prioritise Planning and Preparedness:
- Have comprehensive disaster recovery and incident response plans in place.
- Regularly review and update these plans to adapt to evolving threats.
2. Choose Your Partners Wisely:
- Collaborate with trusted IT and cybersecurity partners who can provide expertise and support during crises.
- Build relationships based on trust and reliability long before disaster strikes.
3. Transparency Is Non-Negotiable:
- Communicate openly with stakeholders, including staff and clients, about the situation and steps being taken.
- Transparency fosters trust and strengthens relationships during times of crisis.
4. Invest in Robust Cybersecurity Measures:
- Don’t compromise on cybersecurity solutions. Opt for the best, not the cheapest.
- Regularly assess and enhance your cybersecurity infrastructure to stay ahead of potential threats.
5. Assume the Worst, Prepare Accordingly:
- Always operate with the assumption that your organisation could be targeted by cybercriminals.
- Maintain multiple backups of critical data and systems, ensuring redundancy and resilience.
Our experience with ransomware was a sobering reminder of the importance of these principles. While the ordeal tested our resilience and resolve, it also reinforced our commitment to safeguarding client data and maintaining operational continuity. We hope that by sharing our story and the lessons we learned, other organisations can avoid learning these lessons the hard way.
In conclusion, while no organisation is immune to cyber threats, proactive planning, strong partnerships, and transparent communication can mitigate their impact significantly. Let our experience serve as a cautionary tale and a beacon of hope for those navigating the treacherous waters of cybersecurity in today’s digital landscape.
Author:
Roelof le Roux
Managing Director
CA/SA