When it comes to combating cyber crime forward planning is crucial, according to Liam Rowland, head of incident response and forensics APJ at Dell SecureWorks.
Rowland says he believes that businesses taking action to protect themselves is the key, and if they don't they could be in for a surprise should their systems be compromised.
“The worst time to realise you are not prepared for a cyber-security incident is when a breach occurs. Security incidents are crisis situations that place a great deal of pressure on IT staff. Nearly every day the media report on organisations, companies and nation states that are dealing with information security breaches.
“From the smallest companies to the largest conglomerates, organisations around the world are attacked every second of every day and many do not have an incident response plan in place,” says Rowland.
While identifying and understanding the short and long term costs is important, Rowland says the real key is being prepared.
“Estimating what a breach might cost today can help a company better develop a plan for the day when an event does occur. Determining potential losses can highlight key areas of opportunity for enhancing security strategy, focusing budget and resources on the right vulnerabilities, and preparing the company to respond quickly and resolve a breach more effectively,” he says.
Rowland's vital tips for organisations on reducing and mitigating the overall impact of a breach include:
- Most importantly don't wait, take action now.
- Understand the costs of a breach to your organisation.
- Plan from a consequence approach. Identify a hierarchy of consequences based on breach scenarios can focus resources and potential investments in people, process and technology.
- Establish an incident response team and develop a comprehensive incident response plan. Test the plan frequently
- Engage a third party as part of the incident response plan. Third-party security responders should have the capabilities to plan for, detect, identify, and extricate cyber threats from the environment, and they should provide the necessary cyber forensics to assess damage and aid recovery.
- Train your employees. Security awareness training can become your first line of defence to prevent the initial intrusion vector of many breaches.
- Insure your organisation and make sure it's got you covered. Purchasing cyber insurance is a good best practice for decreasing some costs of a breach, and can help lower the cost per compromised record.
- Get leadership involved. Studies show that involving the board of directors in security decisions has a direct dollar correlation to decreasing the cost of a breach.