In
LATEST INTELLIGENCE
HOW TO PREPARE FOR A CYBERATTACK
PRESENTED BY
Download whitepaper here
“ our current state of cybersecurity , security breaches are inevitable . This is an important fact , so I am intentionally repeating it . In our current state of cybersecurity , security breaches are inevitable .” With those words , FireEye Chief Executive Officer Kevin Mandia opened his testimony to the US . House Permanent Select Committee on Intelligence in a previous hearing .
Mandia was speaking in the wake of several highprofile data breaches that had piqued concern among law-makers . As recent headlines demonstrate , his prediction is more relevant than ever .
The question is no longer ‘ will you be breached ,’ but ‘ how will you respond when you are breached ,’ despite your best efforts at prevention . The organisation with a well-designed incident response plan has a much greater advantage than the organisation without one .
Having detection technology in place is only the start of a thorough defence .
Today ’ s threat landscape also requires a detailed incident response strategy to detect , respond to and contain a breach , along with staff expertise to implement that strategy . Once it ’ s determined that an attacker has infiltrated your network , you must move quickly to minimise damage to your organisation ’ s infrastructure , brand and customer base .
This paper draws on the worldwide incident response ( IR ) experience of Mandiant , a FireEye company , to explore the three phases of preparing for a cyberattack :
• Developing an effective IR plan
• Adopting the proper capabilities to execute that IR plan
• Practicing the IR plan
Once you have a response plan in place , you need the proper security technologies and expertise to support it . A response plan requires a full view of your IT assets , accurate detection capabilities and quick reaction time . Your team should regularly practice the response plan and keep track of various metrics that measure how well it is or isn ’ t working . This helps you continually improve the plan to properly handle subsequent incidents .
Many companies have an incident response plan that may look good on paper but execution has not been tested . Key stakeholders must agree on the strategy , evolve it over time , and be able to implement it confidently during an incident . p
16 INTELLIGENTCIO AFRICA www . intelligentcio . com