Many organisations must face a troubling fact: defending their digital perimeter is not enough. They should assume that successful cyberattacks will occur, and develop an effective plan to mitigate the impact.
Cyberattack dangers on the rise
Cybercriminals are successfully targeting organisations of all sizes across all industry sectors. Recent analyst and media reports make clear that attacks are becoming increasingly sophisticated and more frequent, and their consequences more dire.
One global company that suffered a large breach spent more than US$100 million on investigating the incident and on other direct remediation activities. But those costs were small compared with the subsequent multibillion-dollar loss in market capitalisation, which was largely attributed to investors’ loss of confidence in the company’s ability to respond.
That’s why it’s not enough to focus, as many enterprises do, on defending the digital perimeter with cybertechnologies such as intrusion detection and data loss prevention. When determined adversaries such as hacktivists and organised criminal syndicates set their minds to finding a way inside, every organisation with valuable digitised information is at risk of having its perimeter breached and its critical assets compromised.
Indeed, most organisations today would do well to expand their efforts to mitigate the consequences of inevitable breaches, which are likely to affect infrastructure systems and compromise key data such as personally identifiable information.
The role of an incident response plan
An incident response (IR) plan guides the response to such breaches. The primary objective of an IR plan is to manage a cybersecurity event or incident in a way that limits damage, increases the confidence of external stakeholders, and reduces recovery time and costs.
For example, the US Department of Defense, which spends upwards of US$3 billion a year on cybersecurity, operates on the assumption that its unclassified networks may be penetrated, and therefore concentrates on maintaining operations and minimising damage from a breach.
Sign up to our newsletter
– to stay up to date and gain access to regular bulletins, news and our insight on current events
IN OUR LATEST NEWSLETTER
“Leading and managing change”
– our January White Paper explains the key points that underpin successful change
“Breaking eggs to help a global bank avoid regulatory fines”
– this month’s featured case study
“Ten essentials for coaching”
– our latest Snapshot offers ten commandments to help you lead your employees
“Building accountability among your employees”
– seven tips for CEOs in our January video
“The three Es of a business-winning presentation”
– guest author Dexter Moscow defines a highly effective framework