1
We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable. As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover. As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology. Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuare of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required. As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost eective manner. Throughout, good communications with INFORMATION SECURITY all key stakeholders is paramount. Breach notification requirements, and swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover. Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION doi:10.1093/itnow/bww008 ©2016 The British Computer Society Image: Thinkstock CYBER RESPONSE March 2016 ITNOW 21

BCS ITNow 201603 - Cyber Response

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201603 - Cyber Response

We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable.

As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover.

As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope

with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology.

Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuff are of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required.

As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost effective manner.

Throughout, good communications with

INFORMATION SECURITY

all key stakeholders is paramount. Breach notification requirements, and

swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover.

Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group.

Information Security Specialist Group (ISSG):www.bcs-issg.org.uk

Information Risk Management and Assurance Specialist Group:www.bcs.org/groups/irma

BCS Security Community of Expertise (SCoE):www.bcs.org/securitycommunity

FURTHER INFORMATION

doi:1

0.10

93/i

tnow

/bw

w00

8 ©

2016

The

Brit

ish

Com

pute

r So

ciet

yIm

age:

Thin

ksto

ck

CYBERRESPONSE

March 2016 ITNOW 21