Intelligent CISO Issue 19 | Page 62

TAKING ACTION ON CYBERSECURITY: THE INCIDENT RESPONSE PROGRAMME

Organisations across the globe are grappling with an unprecedented number of cyberthreats. It means that, for CISOs, risk management is a key strategic objective. Anna Mazzone, MD and GM of UK and Ireland, MetricStream, discusses why cybersecurity incident response programmes are so crucial in today's business world.

Across all industries, companies of all sizes recognise the importance of cybersecurity. After all, data is at constant risk. Protecting it is imperative, not just because stringent regulations demand it, but because failure to do so can be incredibly damaging to organisations and their stakeholders. Yet there are still gaps in how enterprises approach cybersecurity and, in many cases, they are not as prepared as they should be. Establishing a Computer Security Incident Response Team (CSIRT) can help plug the gap, enabling organisations to respond quickly should an incident require it.

According to Cybersecurity Ventures, the annual cost of cybercrime is projected to reach US$6 trillion by 2021. It is a staggering figure that demonstrates the collective impact of cyberincidents and that all organisations, large and small, are at risk. In fact, last year's cost of cyberattacks across UK small businesses has been estimated at £13.6 billion.

By and large, companies recognise the threat. The annual cyber governance health check of the UK's leading 350 companies found that 72% of boards consider cyberthreats a very high or high risk. Yet, despite this, only around one in five had undertaken a crisis simulation on cyber-risk in the last 12 months.

Cyberattacks can have long and far-reaching consequences. Initially, there is an immediate impact from dealing with the incident. This can include service disruption and a potentially high cost of fixing the issue. However, the financial impact can also be long-term, resulting from reputational and brand damage, not to mention potentially hard-hitting fines should the organisation be adjudged to have fallen foul of its responsibilities and relevant regulations.

The potential for cyber-related incidents to occur therefore poses a serious threat to businesses. It follows that the absence of a sophisticated cyber-resilience programme can put organisations in jeopardy.

What's more, the cyberthreat constantly evolves. It would be a mistake to think that any response plan can be created and then effectively held in cold storage. It should be a living plan: constantly revised, updated, checked and tested. It is an investment in the business' ability to prevent, mitigate and respond to cyber incidents, and could help minimise financial damage and help protect the organisation and its reputation.

Issue 19 | www.intelligentciso.com