TAKING ACTION ON CYBERSECURITY: THE INCIDENT RESPONSE PROGRAMME
Organisations across the globe are grappling with an
unprecedented number of cyberthreats. It means that, for
CISOs, risk management is a key strategic objective. Anna
Mazzone, MD and GM of UK and Ireland, MetricStream,
discusses why cybersecurity incident response programmes
are so crucial in today’s business world.
Across all industries, companies of all
sizes recognise the importance
of cybersecurity.
After all, data is at
constant risk. Protecting it is imperative,
not just because stringent regulations
demand it, but because failure to do
so can be incredibly damaging to
organisations and their stakeholders.
Yet, there are still gaps in how
enterprises approach cybersecurity
and, in many cases, they are not as
prepared as they should be. Establishing
a Computer Security Incident Response
Team (CSIRT) can help plug the gap,
enabling organisations to respond
quickly, should an incident require it.
According to Cyber Security Ventures,
the annual cost implication of cybercrime
is projected to reach US$6 trillion
by 2021. It’s a staggering figure that
demonstrates the collective impact of
cyberincidents and that all organisations
– large and small – are at risk. In fact,
last year’s cost of cyberattacks across
UK small businesses has been estimated
at £13.6 billion.
By and large, companies recognise
the threat. The annual cyber governance
health check of the UK’s leading 350
companies found that 72% of boards
consider cyberthreats a very high or
high risk. Yet, despite this, only around
one in five had undertaken a crisis
simulation on cyber-risk in the last
12 months.
Cyberattacks can have long and far-
reaching consequences. Initially, there
is an immediate impact from dealing with
the incident. This can include service
disruption and a potentially high cost of
fixing the issue.
However, financial impact can be long-
term, resulting from reputational and
brand damage, not to mention potentially
hard-hitting fines should the organisation
be adjudged to have fallen foul of its
responsibilities and relevant regulations.
The potential for cyber-related
incidents to occur therefore poses a
serious threat to businesses. It follows
that the absence of a sophisticated
cyber-resilience programme can put
organisations in jeopardy.
What’s more, the cyberthreat constantly
evolves. It would be a mistake to think
that any response plan can be created
and then effectively held in cold storage.
It should be a living plan: constantly
revised, updated, checked and tested. It
is an investment in the business’ ability
to prevent, mitigate and respond to
cyber incidents and could help minimise
financial damage and help protect the
organisation and its reputation.
Issue 19 | www.intelligentciso.com