Lack of Incident Response May Pose a Huge Security Risk for Enterprises
A recent survey showed that almost one in every four companies has suffered a breach in their company’s data in the year that has passed. In all the instances that has happened, just a quarter has opted for an incident response or a forensic analysis right after the data breach. Amazingly, only a half of that quarter had opted to remediate and improve their systems after the suspected or detected breach.
Ideally, each organization should always have an incident response team ready that had undergone an incident response training that specializes in forensic analyses. This team will get to work immediately following a breach in order to further improve their security system while maintaining a high system protection. However, this idea and preference is far from reality because only a few companies are maintaining this high protection system.
Larry Ponemon, the founder and the chairman of Ponemon Institute said that around one third of the organizations have actually set in place an incident response team while another third has an informal approach to this which means they have a team but not an officially-sanctioned one. The last third doesn’t really have anything in place. This is actually a surprising number considering that those that does not have any team has all the ability and finances to hire one but just are uninformed about the importance to have a team.
Turning to providers such as Dell SecureWorks, Sword & Shield, McAfeed, Mandiant, CyberEvidence or Verisign iDefense is a good move. Considering they are reliable, professional and that their services are offering good quality. Adding to that, their brand names also add some value to the company, however, it doesn’t mean that hiring a person or enrolling in an incident response training yourself is not a good idea; it is.
The truth of the matter is, if one handles these security breaches or cyber attacks lightly to a point that they don’t care who they hire or don’t care if the service they hire is good then they might end up losing a lot of money. By being breached and in a consistent basis while having no solid security system for your company can have jarring losses that you might not see at first. These organizational losses usually consist of damage against the reputation of your company, a diminished quality of service for your customers or a theft of company information or company secrets.
According to Jeffrey Wheatman, a director in research at Gartner, whenever one has experienced a security breach or a potential threat to their system, he usually has two options: first is to resolve the issue and then get the system back up and running again while the second one is to have an incident handling in order to truly figure out how the incident went done and what truly transpired. However, for most people, they usually opt for the cheaper and easier way but less recommended and that is the first option.
The usual reason for opposing this idea for most companies is that it is way too expensive to have a fully dedicated team that is focusing only on your system. It is mainly because of the fact that a system is not getting breached all the time or the system is not being compromises every single hour. Therefore, many experts believe that a third part is the best way to go or having someone on board that has undergone incident response training.
As recommended by many, smaller markets or companies that are still starting out and can not afford to get one can simply adapt certain techniques and methods from these incident response teams and apply it on their system. Although that doesn’t ensure quality security, it is much better than having to hire a fully dedicated team that you can’t afford. According to Wheatman, sometimes the attack may have interval of days and being on days without breaches, the team does not have anything to do and in that case, you’re basically paying them to do nothing.
Furthermore, in order to get the best security for your system, someone who specializes in incident handling is one of the best options you can take along with enrolling in incident response training. Considering you get a certificate after you finish the training, not only can you help improve your own system but you can also earn by working for others.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These incident response training certifications are recognized worldwide and have received endorsements from various government agencies. They also offer training for incident response.
More information about EC-Council is available at www.eccouncil.org.
Processing your request, Please wait....
