6. Coordinate and CommunicateA large cybersecurity incident will impact numerous stakeholders both inside and outside of the company. In addition to the need to engage IT and information security personnel to recover from the incident and forensic personnel to investigate it, the company may have to involve its executive leadership, legal counsel, communications personnel, and other stakeholders in the course of its incident response efforts. Without coordination and communication between different work streams, different stakeholders may duplicate efforts and spread inaccurate information. For example, following an incident, executive leadership may need certain information to make key business decisions, while other parts of the company need different types of information to communicate with employees or customers, respond to regulators, or pursue insurance claims under cybersecurity insurance policies. By establishing and rehearsing an incident response plan, … [Read more...] about Preparation and Practice: Keys to Responding to a Cyber Security Incident
Cyber security incident response
Implement Measures to Minimize Continuing Damag The guidance notes that an organization can remain susceptible to subsequent attacks from perpetrators after a cybersecurity incident, and accordingly, should take action to contain the access and limit the damage, including, “rerouting network traffic, filtering or blocking a distributed denial-of-service attack, or isolating all or parts of the compromised network.” … [Read more...] about Department of Justice’s Cybersecurity Unit Provides New Guidance and Best Practices for Cyber Incident Response
Another challenge with the Security Council having the power to regulate cyber operations in various countries involves an infringement on individual rights such as the freedom of speech. Online content such as extremist websites, highly offensive video footage, and social media, have the potential to inflame, exacerbate and ignite tensions on the ground in areas where the peace operations are working. If online content has the ability to incite riots, then the removal or blockage of this content has the ability to promote peace or at the very least not interfere with peace efforts. For example, during the Arab Spring, the Egyptian government shut off access to the Internet for four days. India blocked access to approximately 250 websites in an effort to stop the spread of videos and images that caused the Bangalore panic. Other countries such as China and regimes in the Middle East and North Africa engage in heavy web filtering and censorship. The Afghan government pushed Internet … [Read more...] about Cyber Security and the Need for International Governance
As we mentioned earlier this year, and as confirmed by each of these survey, organizations need to implement data incident response plans. To this end, we have prepared a summary of some of the Key Action Items for Responding to Data Breaches. While this list is not exhaustive, it should provide a general guide for incident response. … [Read more...] about Data Incident Response–Are You Prepared?
Insurer Sophistication is Nuanced. The Report concluded that the size of an insurer’s assets is not the only factor that determines the sophistication of the insurer’s cyber security program. The breach of Anthem, one of the largest health insurers in the country, may be viewed as leading credence to this finding. In addition to insurer’s assets, the Report finds that the sophistication of a cyber security program is also determined by the firm’s transactional frequency, the variety of business lines (insurance and non-insurance) written, and the sales and marketing technologies associated with those lines. … [Read more...] about Could the Anthem Hack Happen Again? New Report Analyzes Insurers’ Cyber Security Programs