Many organisations must face a troubling fact: defending their digital perimeter is not enough. They should assume that successful cyberattacks will occur, and develop an effective plan to mitigate the impact.
Cyberattack dangers on the rise
Cybercriminals are successfully targeting organisations of all sizes across all industry sectors. Recent analyst and media reports make clear that attacks are becoming increasingly sophisticated and more frequent, and their consequences more dire.
One global company that suffered a large breach spent more than US$100 million on investigating the incident and on other direct remediation activities. But those costs were small compared with the subsequent multibillion-dollar loss in market capitalisation, which was largely attributed to investors’ loss of confidence in the company’s ability to respond.
That’s why it’s not enough to focus, as many enterprises do, on defending the digital perimeter with cybertechnologies such as intrusion detection and data loss prevention. When determined adversaries such as hacktivists and organised criminal syndicates set their minds to finding a way inside, every organisation with valuable digitised information is at risk of having its perimeter breached and its critical assets compromised.
Indeed, most organisations today would do well to expand their efforts to mitigate the consequences of inevitable breaches, which are likely to affect infrastructure systems and compromise key data such as personally identifiable information.
The role of an incident response plan
An incident response (IR) plan guides the response to such breaches. The primary objective of an IR plan is to manage a cybersecurity event or incident in a way that limits damage, increases the confidence of external stakeholders, and reduces recovery time and costs.
For example, the US Department of Defense, which spends upwards of US$3 billion a year on cybersecurity, operates on the assumption that its unclassified networks may be penetrated, and therefore concentrates on maintaining operations and minimising damage from a breach.
Sign up to our newsletter
– to stay up to date and gain access to regular bulletins, news and our insight on current events
IN OUR LATEST NEWSLETTER
“How good is your cyber incident response plan?”
– our November White Paper will help you mitigate the impact of a cyberattack
“Management and project leadership training improves morale and attitudes to change”
– this month’s case study
“Five leadership lessons”
– improve your performance as a leader with the aid of our November Snapshot
– this video explains how to use benchmarks to strengthen your business
“Why radical honesty is a superpower”
– guest author James Bridgman attacks lazy thinking about marketing and branding