Important Incident Response and Cybersecurity Advice you need for 2020.
By Shawn Davidson
These days, cyberattacks don’t come from a couple of hackers in a basement. Most are launched from big operations resembling call centers, run by full-time professionals. To face such organized criminal enterprises, an Incident Response Plan is mission-critical for many businesses and organizations.
Just as police and fire departments have processes and procedures for responding to certain types of crime, businesses today must be prepared to identify a network breach as it occurs and execute instantaneously.
Having a plan and policy in place that’s known throughout your organization, which is tested and accepted, allows you to respond successfully to threat events. This requires a team that is equipped to execute a process for which they have trained and practiced. Here’s why that is a wise move.
1. Cybersecurity means more than “keep the criminals out of your system.”
No matter how carefully you harden your cyber defenses with controls or how much you prepare and protect with procedures and processes, there are still bad actors that will infiltrate and attack.
Most of the threats we see today have been in place for many years, but they are continuously being altered to circumvent existing security measures. Recently, we’ve seen “zero day” attacks launched within hours of the discovery of a software vulnerability before a fix becomes available.
The one thing that will prevent a cyberattack from inflicting significant trauma on your organization is an Incident Response Plan.
2. Your dynamic cybersecurity strategy must fit your unique business needs.
Cybersecurity means different things to different industries, and to different businesses within those industries. If you are a manufacturer, it is critical to keep your systems online at all times, but you might not be as concerned about a data breach. If you are a healthcare organization that has two million protected health-information records, you may be able to survive being offline for a short while, but you absolutely must protect all of that data.
Quest works with businesses and organizations in every sector and can help you put a plan in place that is specific to your organization and requirements.
3. We are in the midst of a cybercrime wave.
Over the past six to 12 months, we’ve found that 90 percent of new clients reaching out to us have been breached at some point.
The significance of the events vary—in some cases data was lost; in other cases ransom was paid to a cybercriminal. Regardless of the impact, the fact is that cyberattacks have gone up 300 percent over the past year.
According to Forbes magazine, the incidence of virtually every kind of cybermischief is up: malware, especially ransomware and other means of extortion; data breaches; denial-of-service (DoS) attacks; and insider abuse of privileges and credentials.
4. Defeating a cyberattack is its own reward.
Quest recently worked with a client following a ransomware attack that impacted tens of thousands of endpoints—from desktop computers to employees’ mobile phones. Our client was able to execute effectively on communications processes and put compensating controls in place in a timely manner using the Playbook outlined in our Incident Response Plan.
Our client was also able to leverage our tactical Incident Response Team and quickly remediate the issue. This was a huge benefit to the organization, and what might have escalated disastrously was just an everyday problem solved.
Quest is uniquely positioned to help you from a strategic standpoint, to develop comprehensive security policies and procedures and provide tactical protection. If this sounds like something that will benefit your organization, please don’t hesitate to reach out to us.
Thank you for trusting us to help with your cybersecurity needs.
Contact us any time —we’re always happy to help.