At some point you will be breached. Those organisations who think it will never happen to them are just an incident waiting to happen. But what happens when a breach occurs? What should you do? What processes and approaches should you have in place? These are just some of the questions that organisations should be asking themselves.
At the NTT University in Berlin, David Gray, Senior Manager & Practice Lead, NTT Security talked with Enterprise Times about incident response. Perhaps the most important thing that Gray had to say was “Don’t Panic!” Panic creates mistakes in resolving an incident. It leads to hurried decisions that could cause more damage than the actual breach.
As in any other crime, the first 24 hours is important. The information that the IT security team gathers is still fresh and may not be complete. Management needs to recognise that if it is going to start making public statements, they are just initial estimates. As Gray points out, many recent breaches have had to revise the size of the breach several times.
Gray also talked about the planning and preparation that organisations need to put in place. One area that few do well is the practice of a breach response. This is fast becoming a requirement not just a play book that sits on the shelf until it is called into action.
To hear more of what Gray had to say listen to the podcast
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there