Page 52 - index
P. 52
processes. Policies and procedures should guide technology purchases as well as enable
effective response and feedback from an incident.
These aren’t the kind of checkbox-style policies that various compliance frameworks require.
Instead, focus on how to make best use of everybody’s time and expertise. Not only should
procedures be focused on breach prevention, they should also provide a roadmap for navigating
issues that tend to crop up during breach response and remediation.
Another important element for strong leaders is the ability to build out a team capable of
addressing the risk areas and performing advanced analysis. An advanced team needs good
visibility to be effective. In order to get increased visibility, some technology is required. Being
able to understand what’s going on throughout every level of the enterprise, from endpoint to
network, is important.
Technologies that promote visibility are crucial to risk mitigation and reaction during a breach.
It’s always important to learn from breaches. Teams should have a mechanism in place to
gather feedback after an incident.
Learning what series of events led to the initial compromise is a critical part to the maturity
process. In addition to understanding the cause, having insight into the organizational
successes and failures will lead to more wins in the future.
For security leaders, it’s important to understand what responses you want to issue internally
and publicly. Just remember to remain level-headed and calm. While experiencing a data
breach is never fun, it has become a part of doing business.
Don’t rush into things, and keep a clear head when making decisions. By understanding the
type of attacks, avenues for readiness and maintaining composure, you’ll be best prepared to
handle incidents of any type.
52 Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
