Cybersecurity Insights

Benjamin Hosack

Incident Response Planning and Fire Drills

22/01/15 00:49

Incident Response and Fire Drills

How regularly does your business conduct fire drills?

 - weekly - monthly - quarterly?

Fire drills are an accepted and necessary procedure to help organisations keep their people safe – accepted by the executive board as an intrusive, but necessary part of running a successful, happy, safe business.  



Fire can be devastating – potentially life-threatening and definitely disrupts business operations. While data theft cannot be put in the same “life-threatening” category of fire, it certainly can cause a huge disruption to the health of a business – ask the ex-CEO of Target, ask the executive team of Sony, Home Depot, Michaels, Niemann Marcus, Dairy Queen…. and so the list goes on. 

iStock_000038991362Small

High profile businesses, as well as small, large and any size business in between are getting hacked daily – in a recent industry dinner we made the point to the other guests that our forensic team has never been so busy helping victim organisations.

During this month of January 2015, we have managed over 75% of the number of cases forensic investigations on hacked businesses that we managed in the whole of 2012 – and 2012 was a busy year for us!  That's a staggering thought - especially for us.

Thinking that it will not happen to your business is an easy mistake to make.

Savvy businesses are investing time and effort into testing their security systems and preparing for the worst-case scenario – a full data breach. If you haven’t formalised your Incident Response Plan, some of the questions you should ask your executive team are:

  • Who would form the core team to manage the incident?
  • Who in the executive team would have responsibility? Home Depot’s situation was managed by their CEO. Would your CEO have the time, ability and knowledge on how to handle the situation?
  • Do you have a specialist, experienced PR firm to support you – an organisation that understands payments, data compromise and the implications of the situation for your business?
  • Do you have a lawyer who can understand your business, your potential liabilities and be able to defend you? Quickly?
  • Do you have a forensic team that you know, trust and can rely on? A team that you have vetted? 

Incident Response should be managed much in the same way as fire drills – you need to practice regularly so that your business has an automatic plan to kick into action as soon as you have a problem.

For more information on Incident Response Planning, you can download our free guide below:

Click here to download our  Incident Response Planning Guide



 

TRENDING POSTS

David Kirkpatrick
Penetration Testing: The Quest For Fully UnDetectable Malware

Malware continues to be one of the main attack vectors used by criminals to compromise user and ...

Read More