Fusion Risk Management Introduces Generative AI-powered Assistant to Help Businesses Build Resilience
How Not to Become the Next Victim of a Breach
Posted on: March 11, 2020 Author:
The recent confrontation between the U.S. and Iran raised concerns that organizations may become collateral damage in the event of a “cyber war” between the two nations. Cyber warfare is no longer theoretical. Texas Gov. Greg Abbott recently noted that the Texas Department of Information Resources had seen a spike in attempted cyberattacks from Iran on state agency networks at the rate of about 10,000 per minute over the previous 48 hours (Fort Worth Star Telegram, 1/7/2020).
In the course of just a few weeks we have witnessed: increased IT threats from cyber threats, potential loss/reduction of workforce and associated life safety issues due to pandemic threat, financial risks associated with both, life safety concerns from recent active shooters incidents, and more. Is your organization prepared to effectively address threats from multiple fronts?
Don’t let the pandemic threat impact your cyber threat or breach vigilance and response. With the potential impact of a reduction in your IT workforce, what are your plans to remain vigilant and responsive to cyber threats? A good information foundation and response plan supported by technology will put you in a better position.
Cyber is a risk for any organization. You need a solid cybersecurity program and action plan to ensure good decisions when an incident occurs. Effective response, successful recovery and complete remediation are dependent on timely decisions based on accurate, current data. Preparation and information availability will ensure the right decisions from the right people at the right time.
If your organization is breached, you need to act swiftly, no matter the current risk landscape. Consider:
Your response to a cyber incident must not be focused solely on IT. Your response requires a holistic approach to engage cross-functional teams throughout the enterprise at the right time, with an appropriate level of security.
Your decisions should be made based upon impacts. To understand impacts, a robust data model of your environment should contain a single source of truth for critical business processes, risks, IT applications/components, suppliers, etc. A solid information foundation not only supports quick, sound decisions at the time of an incident, but also assists in the preparation phase, including plan development.
Your actions must be well orchestrated. Due to complexity, required speed of response and number of stakeholders, an incident management strategy or system is necessary to achieve an integrated, orchestrated response.
Your response plans should support your response strategy. All cyber threats are a serious risk and should be treated as such. A cyber response strategy supported by documented policies and controls will provide guidance and direction.
Cyber threats present a unique type of risk for all organizations. The threat is constant, making the likelihood of occurrence extremely high, unlike the relatively low potential of most risks. Due to the sheer magnitude and ever-changing nature of cyber threats, it is not a matter of “whether” an organization will be impacted, it is a matter of “when.” Very few are fully prepared to respond to an incident at an enterprise or organizational level.
Response to a major cyber incident requires not only current, effective, IT-focused cyber plans, but also participation from all lines of business and operational support areas to ensure a successful integrated, orchestrated response. The increasing velocity of today’s threats heightens the need for a robust response strategy.
Listed below are some actions for consideration to improve your cyber risk preparedness:
Perform/review vulnerability assessments
Include critical business partners
Review/update enterprise cyber risk policies and definitions
Review/accelerate cyber risk controls and risk control test execution
Review/enhance current cyber threat strategies, capabilities, and actions
Detection, alert, escalation
Data backup strategies
Post-event reporting requirements
Review/enhance your organizational data model – information foundation
Identify/review critical elements of your ecosystem (internal and external)
Identify/review critical dependencies
Identify/report sites, applications, and data vulnerable to attack
Develop/review/enhance your Cyber Incident Response Plan(s)
IT/IT Security: Remediation actions should include application, data, and access tasks
Business departments: Plans should address specific cyber actions under a Loss of Technology scenario
Media Relations: Develop pre-approved messaging, trigger points, and reporting requirements
Compliance: Identify any regulatory reporting requirements
Legal: Determine potential financial liabilities
Facility Technology: Review software patches
Facilitate tabletops/simulations at the executive and departmental level (test the integrated organizational response, not just the IT response)
Test capabilities to communicate, orchestrate, and monitor the response
Include critical business partners
Much like protection from kinetic (or physical) terrorist attacks, organizations must be right every time to successfully defend against all cyberattacks. The bad actors only have to be right once to inflict severe damage on an organization. Without documented and integrated risk management plans and a formalized incident response strategy, the damage realized from a cyberattack may be irreparable.
While much has been written concerning hardening against cyber threats, now is the time for a prudent review of your cyber risk, your defenses against cyber threats, and your documented remediation actions in your cyber incident response plan.
Subscribe to our Newsletter
Stay up-to-date and receive our monthly insights!
Information Technology and Security Risk, Risk Management
Cookie Authorization Preferences
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!