Incident Response and Recovery May Be the Best Defense

The list of cyber breaches appearing on the Open Security Foundation’s DataLossDB Web site continues to grow, proving that all organizations are susceptible to attack and intellectual property theft. In an report by B.K. Delong, noteworthy organizations like Monsanto, Booz Allen Hamilton and Sony recently became targets of cyber hackers, leading to the dissemination of proprietary corporate data. Even the CIA and U.S. Senate were recent victims of cyber thieves.

“Well-developed incident response/recovery plans and procedures raise the chances of detection and counter-action at some point after a layered attack has commenced but before the final defensive layer has been breached and the prize obtained (the RSA breach comes to mind as a good example),” said Michael Tiffany, chief architect at Recursion Ventures, as quoted in Delong’s article. “That raised risk of detection may increase the real risk of getting caught, or, more likely, it may increase the perceived cost of the attack from the attacker’s perspective, because of the heightened chance that the entire effort is blown before yielding anything worthwhile. Therefore, investing more money into response and recovery can strongly improve an organization’s risk posture.”

To make your organization cyber secure, DeLong recommends a truly holistic risk assessment, taking into account the following:

  • Organizational critical business assets
  • The asset value to the company
  • What it presently costs to secure those assets
  • What would happen if those assets were lost, stolen or taken offline
  • What it would cost the company in both incident response and business continuity/disaster recovery should something happen to those assets

To be even more prepared for an incident, DeLong also advises that organizations follow these five steps:

1.   Implement solid incident response and business continuity and disaster recovery (BCDR) plans, as well as conduct a business impact assessment.

2.   Collect metrics at all levels to enumerate risks.

3.   Show management how investing in organizational risk assessment and preparation can actually result in cost-savings down the line.

4.   Implement incident response and BCDR plans. Also, run preparedness drills.

5.   Investigate market offerings, such as data loss management platforms and cloud-based BCDR solutions, if an outside vendor is needed.

For more information about effective cybersecurity and protecting organization data, visit: