How Can Organisations Effectively Manage, Detect and Respond to a Data Breach?

Author:Pearch, Andy
Position:DATABASE AND NETWORK INTELLIGENCE: SECURITY
 
FREE EXCERPT

78% of businesses cite cyber security as a high priority for their organisation's senior management. Whilst it is encouraging that this figure has risen year on year, generating awareness of cyber security is only one part of the issue. The next step for organisations to take is not only understanding, but intelligently acting on the risks presented. Despite the heightened awareness, many organisations are still focusing on mitigating assumed risks, rather than real risks, without a robust security strategy in place.

Whilst perimeter security is a key part of any organisation's security posture, the fact is that it cannot work in isolation. Data breaches are now commonplace and largely regarded as inevitable, and the rise of new technologies means that today's threats have increased in sophistication. As Andy Pearch, Head of IA Services at CORVID, explains, safeguarding data integrity, confidentiality and availability should be fundamental to all cyber security strategies. After all, it is the speed with which a breach is detected and the effectiveness with which it is remediated that will provide the most value--this can be achieved with a strategic Managed Detection and Response solution.

Unidentified attacks.

The Government's Cyber Security Breaches Survey 2019 revealed that in the last 12 months alone, almost one third of UK businesses identified cyber security breaches or attacks. What's more, the research also showed that just under half of these companies identified at least one breach or attack per month. While these figures should be enough to make a business refocus its strategic security thinking, it is the use of the word 'identified' that is significant: many more attacks could have occurred, but not yet been discovered.

Indeed, global figures reveal that the median dwell time--the time a criminal can be on a company's network undetected--is over 100 days. And in many cases, the breach is not revealed by the security team itself; it is a call from a supplier, a customer or business partner that brings the problem to light, typically following the receipt of a diversion fraud email requesting, for example, that future payments should be sent to a different bank account. These breaches not only have the ability to undermine business relationships, but in some cases, can also incur significant financial liability. These frauds usually follow one of two forms: either impersonation, where a criminal masquerades as the business using...

To continue reading

REQUEST YOUR TRIAL