Clock is Ticking on Cybersecurity Incident Response Plans


Most businesses today regularly conduct fire drills as part of an effort to educate everyone about where they should go in the event of an emergency. Some businesses have even crafted full-blown incident response plans that explain in detail what everyone involved in the business should do in the event of a catastrophe such as an earthquake. Not only should more businesses have incident response plans in place that include what to do in the event of a cyberattack, those that do have those plans in place might want to update them to include what to do in the event of a truly catastrophic cybersecurity event.

IT security experts have uncovered what appears to be a systematic probing of the cybersecurity weaknesses of the critical infrastructure that underpins the core Internet that every business is now dependent on to one degree or another. While it’s unclear exactly who is doing the probing, the scale of the probing suggests large-scale cyberespionage.

There’s not much the average business can do when nation states decide to turn the Internet into the digital equivalent of a battlefield. Just like in real warfare, crippling or destroying infrastructure has always been a fundamental objective.

But rather than there being one cataclysmic event, it’s more likely that the thousands of hackers working on behalf of these nation states are going to experiment with their ability to take critical infrastructure offline just to make sure they can actually do it. That’s when having a security incident response plan becomes a very good idea. Most businesses today can’t afford to be offline for more than a few days. Just like when there is a natural disaster, half the businesses that are not able to recover in a timely fashion wind up closing up shop. Customers have their own issues and while they may sympathize with your current plight, they will move on to protect their own interests.

Organizations of all sizes also need to take stock of their own role in helping defend critical IT infrastructure. Hackers are always looking for exploits in systems that are connected to other systems. All too often a vulnerability in a system owned by a small organization providing a service to much larger entities becomes the gateway through which all kinds of malware can pour in. Thanks to the rise of the Internet of Things (IoT), the size of that attack surface is only going to increase.


In fact, Gartner predicts that by 2020 more than 25 percent of cyberattacks will involve IoT deployments. The main reason for this is that Gartner expects that half the vendors providing these devices will have relied on weak authentication processes, a fact that the hacker community is already excited about being able to exploit.

In the meantime, a security incident response plan is one of those things where best practices make all the difference. Because of that requirement, having a relationship with consulting firms that have expertise in this area is critical. Not only have many of these firms crafted these plans before, they should be able to provide insights into specific scenarios that might directly impact a business.

Business leaders have always had fiduciary responsibility to plan for the worst. What’s changing now is the direction from which that worst possible event is most likely going to arrive.



Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for Intronis MSP Solutions by Barracuda.
