Lessons learned from cyber breaches

The business leaders are there to ensure proactively fight tomorrow’s threats, not yesterday’s.

Organizations have struggled with legitimacy with senior leaders for a long time due to cyber breaches. There are many reasons for this, but they all can be traced back to the historical inability of security professionals to explain the business impact of security, the risks facing the organization in business terms, and the business value of the organization. Below are few lessons learned tips from such incidents

#1 Security strategy plans are not tailored for the organizations. They should establish policies, process & procedures to their environment, expertise and business objective. Documentation should evolve constantly to handle future threats

#2 Post cyber data breach, institutions should handle the security incident properly. The result of poor handling could see organizations facing a hit to reputation, or worse, financial and legal problems.

#3 Organizations should have a well-documented and tested communications plan in the event of a cyber incident. Failure to ingrate communications into overall planning typically means delayed responses to media and likely more critical coverage

#4 There is no patch for human stupidity. Insiders mistake are one of reasons for the majority of data breaches and avoidable with appropriate training and security measures in place

#5 At times the cyber attack is too big to deal with in-house expertise and tool, and the type of breach may make that option an unwise one. So it’s best to have external help available if needed

#6 Lack of expertise. Organizations should provide additional training to help foster the proper level of experience. In addition, strong leaders who oversee the team should clearly define roles and responsibilities, promote greater collaboration, and improve communication to, and beyond, the team

#7 Fail to use risk analysis and measurement to make informed decisions. Management cares about measurement because measurement informs decisions. The goal of security measurement is to reduce uncertainty to the point where management can make effective decisions.

#8 Organization can determine if they are more secure this year as compared to last. Information security should focus on the reduction of breach attempts and the root causes for these. An information security breach is any intentional or unintentional information-related activity that causes an unplanned increase in cost or decrease in revenue

#9 Measure readiness, response to events, and recovery times by having well-thought-out metrics to measure organizational response and preparation. Tracking response effectiveness and recovery time is critical to improve these functions

#10 Get or carry out a security audit of network periodically to strengthen the asset value and meet the legal & regulatory framework

Cyber threats are persistent challenges for organisations, it requires strong commitment and a flexible response. So, how do you do it? What’s your choice to stay secured? Share your thoughts in the comments section below