1
We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable. As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover. As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology. Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuare of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required. As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost eective manner. Throughout, good communications with INFORMATION SECURITY all key stakeholders is paramount. Breach notification requirements, and swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover. Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION doi:10.1093/itnow/bww008 ©2016 The British Computer Society Image: Thinkstock CYBER RESPONSE March 2016 ITNOW 21

BCS ITNow 201603 - Cyber Response

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201603 - Cyber Response

We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable.

As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover.

As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope

with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology.

Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuff are of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required.

As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost effective manner.

Throughout, good communications with

INFORMATION SECURITY

all key stakeholders is paramount. Breach notification requirements, and

swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover.

Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group.

Information Security Specialist Group (ISSG):www.bcs-issg.org.uk

Information Risk Management and Assurance Specialist Group:www.bcs.org/groups/irma

BCS Security Community of Expertise (SCoE):www.bcs.org/securitycommunity

FURTHER INFORMATION

doi:1

0.10

93/i

tnow

/bw

w00

8 ©

2016

The

Brit

ish

Com

pute

r So

ciet

yIm

age:

Thin

ksto

ck

CYBERRESPONSE

March 2016 ITNOW 21

Purina BCS

Purina BCS

Documents
WIN Issue 13(201603)-2015 Sales Honored Teams&Individuals

WIN Issue 13(201603)-2015 Sales Honored Teams&Individuals

Documents
BCS RANKINGS

BCS RANKINGS

Documents
BCS Brochure

BCS Brochure

Documents
Fisheries Management Plan 201603 - Three Runway System

Fisheries Management Plan 201603 - Three Runway System

Documents
ITNOW magazine: June 2014 (sample)

ITNOW magazine: June 2014 (sample)

Leadership & Management
PCDS Services Outlined 201603

PCDS Services Outlined 201603

Documents
Bcs Jeopardy

Bcs Jeopardy

Sports
BCS Catalog

BCS Catalog

Documents
Revista ITNow Nov 2015

Revista ITNow Nov 2015

Documents
BCS Instructions

BCS Instructions

Documents
CECYTE BCS

CECYTE BCS

Documents
BCS Softech.docx

BCS Softech.docx

Documents
Bcs Toolkit

Bcs Toolkit

Documents
Bcs newsletter2013

Bcs newsletter2013

Documents
Transforming BCS

Transforming BCS

Documents
Bcs Marine

Bcs Marine

Documents
SUPERCONDUCTIVIDAD BCS

SUPERCONDUCTIVIDAD BCS

Documents
Loddon Valley Link 201603 - March 2016

Loddon Valley Link 201603 - March 2016

Documents
BCS Viewbook

BCS Viewbook

Documents
BCS written exam preparation and BCS Preliminary exam preparation

BCS written exam preparation and BCS Preliminary exam preparation

Education
Bcs centerary

Bcs centerary

Documents
BCS Written

BCS Written

Documents
BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

Documents
BCS Catalogue

BCS Catalogue

Documents
JOINING BCS

JOINING BCS

Documents
Resensi Bcs

Resensi Bcs

Documents
BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis

BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis

Documents
201603 - evoryushun.comevoryushun.com/img/201603.pdf · Title: 201603 Created Date: 10/9/2016 5:07:02 PM

201603 - evoryushun.comevoryushun.com/img/201603.pdf · Title: 201603 Created Date: 10/9/2016 5:07:02 PM

Documents
BCS Profile

BCS Profile

Documents