• Bookmark me

      |

      Share on

      FEATURED STORY OF THE WEEK

      Five Steps to Next-Generation Incident Preparedness and Response

      Written by :
      Team Uvation
      | 8 minute read
      |June 30, 2022 |
      Category : 5G
      Five Steps to Next-Generation Incident Preparedness and Response

      Recent disruptions associated with the COVID-19 pandemic have spurred a concerning trend: cyberthreats have grown among 86% of organizations in the U.S., Cybersecurity Dive reports, as well as 63% of companies in other countries. Cybersecurity risks span sectors of the global economy as well, where 11 industries have seen at least one “serious vulnerability across at least half of their applications every day for the past year,” says Forbes in their September 2021 article. “This coupled with the probability of organizations experiencing a data breach approaching 30%, is a sobering reminder that incident reaction is not enough.”

       

      Business and security leaders must invest in both preventative and responsive security elements to mitigate the risks of these rising threats. Fortunately, cybersecurity issues are increasingly part of executive boards’ overall priorities—leadership from chief information security officers (CISOs) has grown more relevant within a broader, companywide approach to risk assessment and mitigation.

       

      But with that new voice comes greater responsibility in terms of making a business case for necessary preventative and responsive measures. Not all security leaders can both make the right strategic decisions and defend those decisions when high-level budgets and stakeholder concerns are involved.

       

      Today’s security leaders need a deeper understanding of cybersecurity risks, opportunities, and capabilities as a result. More importantly, they must identify worthwhile strategies and resources, then justify those investments to their fellow business leaders in a way that will drive long-term, company wide security and success. In this article, we explore how security leaders can make positive decisions that protect their companies from cybercriminals, specifically through next-generation measures for incident preparedness and response.

       

      Understanding the Modern Cybersecurity Landscape

       

      Cyberthreats affect companies of all sizes and locales. In just the past 12 months, more than one-third of global organizations have encountered barriers to systems or data access due to breaches or ransomware attacks, IDC reports. Virtually all organizations affected by such attacks pay a price—only 13% of organizations who did experience a ransomware attack or breach did not pay a ransom, says IDC. 2020 cybersecurity complaints in the U.S. exceeded past records, with USD$4.1 billion in losses reported that year.

       

      Traditional incident readiness and response measures such as firewalls, network monitoring, companywide training, and “pen testing” are effective ways to mitigate these risks and prevent or respond to real-world threats. But truly comprehensive, modern approaches are sparse among today’s small, mid-size, and enterprise companies, all of which are targeted equally by bad actors today.

       

      A silver lining to the recent surge in attacks is the growing interest among board members and executive leaders to improve cybersecurity measures. No one can afford to ignore the recent advances in the breadth and sophistication of modern attacks. Preventing them and reducing the damage of an incident both require high-level investments and clear strategic guidance to be effective. This increase in high-level awareness means business leaders are undertaking more worthwhile incident prevention and response initiatives than at any time in history.

       

      Incident Preparedness and Response Today

       

      Incident preparedness and response is made even more challenging by recent changes in the operational structure of modern organizations. The recent rise in ransomware attacks corresponds with the growth in hybrid work environments, for example, where a traditional perimeter defense does not account for countless employees working remotely, often on personal devices and via personal networks. The process of isolating incidents and tracking criminal behavior may take longer than usual as a result, reported Forrester in their June 2012 article; preventing these attacks becomes more challenging to begin with as well.

       

      The high-profile nature of today’s attacks can yield lasting damage as well—not just to company data, finances, and infrastructure, but also to a company’s brand reputation and both consumer and stakeholder trust. Since many B2C companies call for consumers to offer up some of their personal information, for example, consumers may be less likely to create customer accounts on which those companies rely to drive business.

       

      Meaningful Progress Depends on Senior Leadership

       

      There is clear evidence that companies who have made progress in their digital transformation (DX) efforts are “less likely to have experienced a ransomware event,” IDC reports: “These organizations that have committed to a long-term DX investment plan with a multi-year approach tied to enterprise strategy.” Consistent among these companies are dedicated investments in cybersecurity technologies, strategies, and partnerships driven by senior leadership.

       

      Indeed, executive buy-in is critical to realizing truly modern cybersecurity—and C-Suite leaders are making progress in this area. But event today, only 37% of CEOs are supporting “adequate resources, funding, and sufficient priority” for cybersecurity issues, PwC reports. Even so, and as described, there is real business value in mitigating risks associated with modern cybersecurity threats, including:

       

      –  automating key aspects of cybersecurity, relieving pressure on internal resources
      –  reduced costs and time associated with prevention and response
      –  successful partnerships that put companies on the cutting edge of protection
      –  extensive awareness and training among regular employees, as well as IT professionals

       

      5 Ways You can Improve Your Incident Preparedness and Response

       

       

      5 Techniques You Can Employ to Improve your Incident Preparedness and Response

       

      Consider your own proactive incident and preparedness and response strategy with the following questions:

       

      –  How is our IT department handling its existing workloads?
      –  Can our security team manage next-generation preparedness and incident response (IR) alone?
      –  Does our broader organization have sufficient cybersecurity training and literacy?
      –  Do we have the support of our executive leadership that we need?

       

      Finding the right answers these questions will give you a foundation for getting started with your own next-generation strategy. Doing so may also relieve some of the cybersecurity burden from your existing staff as well. Here are five ways you can bring your next-generation strategy to fruition.

       

      1. Assemble Your Team

       

      Leading companies utilize a range of internal and partner-based personnel to create a winning incident preparedness and response team. Members keep stakeholders abreast of the latest opportunities and challenges, and handle incidents on a case-by-case basis as they arise. After an incident has occurred, this team will oversee remediation and recovery, minimizing the damage caused by individual events.

       

      These teams include internal security leaders, but also talent among consultants and partner resources where available. Indeed, by working with external teams, security leaders can minimize time and costs associated with preparing and responding to cybersecurity incidents using internal resources.

       

      2. Assess Vulnerabilities & Threats

       

      Prepare your team to measure your company’s cybersecurity maturity. Leading companies in this area take an honest, objective approach to vulnerability analyses, creating a clear picture of their readiness against future attacks. This type of audit is critical in today’s networked environments, where smartphones, Internet of Things (IoT) devices, and employees working within personal networks strain the traditional perimeter-based security approach.

       

      3. Engage in Consistent Monitoring

       

      Consistent monitoring is now table stakes in modern cybersecurity. Fortunately, partner ecosystems allow for powerful technologies that provide continuous monitoring, often through some combination of automation and dedicated human labor.

       

      In addition to consistent monitoring, cybersecurity teams should use quarterly exercises and updates to keep employees and executive leaders abreast of the latest threats and vulnerabilities. These sessions allow security experts to gauge their preparedness and ensure their employees have the latest information and resources on preventing attacks.

       

      4. Create a Culture of Security

       

      “Awareness” is often the term of choice when describing non-technical employees’ involvement in cybersecurity. Although a necessary start, general awareness is insufficient when attackers rely on those employees’ mistakes to gain access.

       

      Employees need specific tools and guidance to reduce risks associated with user-based attacks. “The best results are always achieved when it’s part of their everyday work,” Forbes described in September 2021. With the right partners, executive leaders can provide employees with the resources they need in a concise, easy-to-understand manner, streamlining the creation of a security-focused company culture.

       

      5. Selecting the Right Cybersecurity Partners

       

      Modern cybersecurity requirements mean businesses can no longer afford to go it alone. Fortunately, they can supplement their security capacities with security specialists, made available by third-party partners.

       

      A multifaceted, partner-based approach can help companies put “a strong incident response (IR) program in place, with well-assessed and stress-tested IR plans and carefully orchestrated and rehearsed breach scenarios,” reported Forrester in their December 2021 article. Specialized partners can help companies certify security and data protection methodologies, enabling them to abide by any industry-related regulatory requirements as well.

       

      Taking Your First Step into Your Cybersecurity Future

       

      The future of cybersecurity is founded upon partnerships. Putting a detailed plan that includes a trusted incident preparedness and response partner in place today means you can focus more resources on line of business items in the years to come. Critically, companies cannot wait until an attack is underway to invest in these essential resources.

       

      Learn More About Incident Response with Uvation

       

      You can learn more about incident preparedness and response as it applies to your business. In time, Uvation can help you achieve ongoing security, giving you, your colleagues, your partners, and your customers ongoing peace of mind. Visit our incident response service page to learn more, or start a conversation about incident preparedness and response capabilities today.

       

      More Similar Insights and Thought leadership

      No Similar Insights Found