All Research
Leadership Brief

Why don't you like this?

I like this
I don't like this

Responding to Cyber Incidents

Mike Small
The overwhelming majority of organizations now depend upon online services to support their business and this exposes them to cyber security risks. While most have security protection technologies in place few have a plan for how they would respond to a cyber incident. Today, the question is not if your organization will suffer a cyber incident but when - and this makes it essential to have a plan.

1 Executive Summary

According to a UK Government survey - “Over four in ten businesses (43%) and two in ten charities (19%) experienced a cyber security breach or attack in the last 12 months.” - however, “While 90% of businesses had preventative security technologies like firewalls, anti-malware and security patching tools in place, only 27% had a formal cyber incident response plan.”

Cyber criminals work together to attack organizations using ransomware, social engineering other sophisticated cyber tools to steal intellectual property and personal data, to blackmail organizations as well as to fraudulently obtain money and payments.

While it is important to spend on prevention, it is also vital to prepare for an incident. When a cyber incident or data breach occurs, you need a plan for what to do.

Not having an incident response plan can lead to:

  • Increasing the risk to your customers and business by failing to promptly identify what has happened at what data is affected. Your customers inundating your help desk with calls.
  • Financial penalties for failing to properly manage the incident. Loss of revenue, customers as well as reputational damage. The cost of the data breach that affected the UK telecommunications company TalkTalk in 2015 cost £77M.
  • Confusion and poor communication with your staff not knowing what to do. Extra costs for outside help to collect forensic evidence, eliminating malware and recovering your systems.
  • Your CEO being confronted by TV News when arriving at the organization’s headquarter.

You should act now to test your organization’s cyber incident response plan if you have one or to create one if you haven’t.

Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 600+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use