Four ways your company can respond to cyber threats
Recently NTT Com Security, a global information security and risk management organisation, released a report detailing their findings on the amount of unprepared businesses and organisations in regards to cyber security incidents. Alongside this the company also released 4 Incident response recommendations. They are as follows:
- Prepare incident management processes and “run books” – Many organisations have limited guidelines describing how to declare and classify incidents even though these are critical to ensure a response can be initiated. Depending on the type of attack, potential impact and other factors, response activities will be very different for each. Common practices for incident response also suggest organisations should develop “run books” to address how common incidents should be handled in their environment.
- Evaluate your response effectiveness – When incidents occur the last thing you want is to lack an understanding of standard incident response operating procedures. Evaluation of preparedness should include regular test scenarios. Consider post-mortem reviews to document and build upon response activities that worked well, as well as areas needing improvement.
- Update escalation rosters – As organisations grow and roles change, it is important to update documentation related to who is involved in incident response activities. Time is critical to incident response and not being able to quickly involve the correct people can hamper your effectiveness. Updating contact information for vendors such as your ISP, external incident response support, and other providers is just as important.
- Prepare technical documentation – To make accurate decisions and identify impacted systems, you must have comprehensive and accurate details about your network.