You Know Your Company Will Be Hacked – What Will You Do?
This article gives the perfect analogy. What would you do differently if you knew you were going to be robbed some time, some day? The answer is simple – you would methodically put a plan into place. Of course, you would safeguard your house with preventive measures like locks on the doors, an alarm and possibly a safe for expensive items. But with a plan, you are taking the extra step of response. You would back up files on your laptop offsite. You would record your items in an inventory list so that you could account for all the stolen items. You would purchase homeowners’ or renters’ insurance. Taking these extra steps of response will allow you to get back to your normal life as quickly as possible.
These steps are not dissimilar to managing a security breach. In the past, the focus was on prevention. While prevention remains an important part of managing an organization’s network, it can no longer be the main focus.
“Clearly, we should not be giving up and accepting the notion that the only possible states are hacked, being hacked, and about to be hacked; there is still a lot we can do to improve protective and preventive measures”.
Because a breach is a near certainty and just a matter of time, a solid security plan is essential to mitigating the damage done by a breach and getting your business back to “business as usual”. Time to detection and time to action are vital. Automated and collaborative security tools provide the answer to the time challenge faced by so many organizations. Many of the recent high-profile breaches went on for months without detection. In today’s business environment, we must find the right balance between prevention, detection and response. The recovery and survival of the business depend on it.