Organizations must respond to data breaches as fast as 72 hours after becoming aware of them to comply with the NYDFS (New York Department of Financial Services) Cybersecurity Regulation, DFARS (Defense Federal Acquisition Regulation Supplement), and the EU’s GDPR (General Data Protection Regulation).
This places a significant burden on organizations: taking the appropriate measures to comply with the law while dealing with the collateral impact of a breach is no walk in the park!
The Ponemon Institute Cost of a Data Breach Study 2018 indicates that one in four organizations will suffer a data breach in the next two years. It’s quite possible that your organization will be among them, so it’s important to have a plan in place to deal with cybersecurity incidents. An effective incident response program can help you detect, respond to, and recover from incidents in a fast, planned, and coordinated fashion, limiting the damage, reducing recovery time and costs, and enabling you to meet laws’ requirements. However, only about 30% of organizations have an incident response plan in place, according to the PwC Global Economic Crime and Fraud Survey 2018.
Implementing an incident response program can be challenging
CREST (Council of Registered Ethical Security Testers) highlights these top ten challenges of cyber incident response management:
- Identifying a suspected cybersecurity incident
- Establishing the objectives of an investigation and a clean-up operation
- Analyzing all available information related to the potential cybersecurity incident
- Determining what has actually happened
- Identifying what systems, networks, and information (assets) have been compromised
- Determining what information has been disclosed to unauthorized parties, stolen, deleted, or corrupted
- Finding out who did it and why
- Working out how the incident happened
- Determining the potential business impact of the cybersecurity incident
- Conducting a sufficient investigation using forensics to identify those responsible
#BreachReady summer sale
Want help developing your ability to protect against, remediate, and recover from a wide range of cyber incidents? Try our cybersecurity incident response consultancy services. These services are among the many items in our #BreachReady promotion – choose what suits you to make your own sale!