The Cyber Threat Prevention and Preparation for Response
Contributed By: Pete O’Dell
Cyber-attacks are today’s biggest real time threat for organizations of all sizes. You have to deploy defensive measures to prevent attackers from breaching your information systems, and be prepared to respond if an intrusion attempt is successful. One area that is critical to aiding this process are talented, contingent professionals.
This is a complex problem even for the most talented and focused efforts. It can be exacerbated by old technology and a shortage of talented security personnel. In the end, it is the responsibility of the company’s leadership team to create and administer a plan. Whether you utilize your internal resources or, in most cases, use outside help to augment internal resources; it starts with the leadership. Sensitizing the entire company about security with the right “Tone at the Top” is critical – everyone needs to insure a cyber-aware culture. Having external resources review your plans and participate in exercises will often give a more unbiased view of how prepared or vulnerable an organization is today. Focus on identifying special protective measures for the company’s most critical data first, ie. customers, intellectual property, trade secrets, industrial control systems. It doesn’t all need to be done at once so prioritization is key.
The odds today are such that you will be breached by attackers; and attacks are becoming more sophisticated with each passing month. Waiting until after you are breached to put together a plan puts you at a major disadvantage, substantially increases your risks and is the most costly option. A responsible breach plan has to be developed in advance, identifying roles and responsibilities, continuity measures, and personnel/partners who will help you “surge” until you are back to a stable operating capability. A serious breach will radiate far beyond the Information Technology group, and typically require multiple areas of expertise and capability to be added as part of the response. This is a companywide initiative, not exclusive to your IT team. Only by taking a proactive response and planning ahead will your organization be able to react in a capable manner. Identifying, training, and exercising your plan in advance will help you insure a smoother response and protection of your (and your customer’s) valuable information.