We should not use the expectation of compromise as a reason to avoid taking the necessary steps to defend against attacks, as failing to do so may make their frequency and severity higher than is acceptable or survivable.
As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover.
As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology.
Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuff are of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required.
As well as having regularly tested and revised plans available, having contracts and arrangements in place for forensic response, communications, recovery sites, and backup equipment and data helps provide the means of response and recovery in a timely and more cost-effective manner.
Throughout, good communication with all key stakeholders is paramount. Breach notification requirements, and swingeing regulatory fines, make it even more prudent both to build defences, to prevent and detect attack, and to prepare to respond to breaches – only then can we manage the impact and recover.
Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group.
FURTHER INFORMATION
Information Security Specialist Group (ISSG): www.bcs-issg.org.uk
Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma
BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity
doi:10.1093/itnow/bww008 © 2016 The British Computer Society
Image: Thinkstock
CYBERRESPONSE
March 2016 ITNOW 21