lawyermonthly 1100x100 oct2024eb sj lawyermonthly 800x90 dalyblack (1)

Here’s What We Can Learn from Travelex Response to Cyberattack

In this Article
Reading Time:
2
 minutes
Posted: 14th January 2020 by
Susan Hall
Last updated 13th January 2020
Share this article

Foreign currency seller Travelex was forced to take down its website following a cyber-attack on New Year’s Eve with hackers still holding the company to ransom more than a week later.

Although the company said an early investigation "shows no indication that any personal or customer data has been compromised" Travelex has resorted to carrying out transactions manually.

Susan Hall, a specialist in information and communications technology at Clarke Willmott LLP , told Lawyer Monthly the company’s response to the attack has been spot on and other businesses should take note.

Initial indications suggest that Travelex are doing the right thing. Businesses, particularly ones in the financial services sector, have to be prepared to be the focus of a cyber-attack, and this is an example, working through in real time, of what seems to be a disaster recovery plan swinging into operation.

There is a manual alternative to keep services running, clear communication to the public and reassurance about data security.

It’s particularly admirable since it’s multinational and occurring at a time where there are likely to be a lot of people off on holiday.

Make sure that communications come from a senior source who acts as the company spokesman.

Travelex has demonstrated a good model of practice and its model gives us a five-point plan for businesses to protect themselves in similar circumstances.

  • First step is to develop a good disaster recovery plan for your business. This plan should be constantly refined and updated and most importantly it should be tested to check it is fit for purpose.
  • Response team should be on call 24/7 - cyber criminals don’t sleep so your team can’t either!
  • Causation, Correction and Communication: analyse what went wrong, correct what went wrong and communicate what you’re doing.
  • Lead from the top: make sure that communications come from a senior source who acts as the company spokesman. It is therefore important to ensure that whoever is on the frontline is appropriately media trained and confident in dealing with press and public enquiries.
  • Don’t skimp on resources – throw everything at it that’s needed.

About Lawyer Monthly

Lawyer Monthly is a news website and monthly legal publication with content that is entirely defined by the significant legal news from around the world.