1
We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable. As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover. As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology. Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuare of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required. As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost eective manner. Throughout, good communications with INFORMATION SECURITY all key stakeholders is paramount. Breach notification requirements, and swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover. Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION doi:10.1093/itnow/bww008 ©2016 The British Computer Society Image: Thinkstock CYBER RESPONSE March 2016 ITNOW 21

BCS ITNow 201603 - Cyber Response

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201603 - Cyber Response

We should not use the expectation of compromise to avoid taking the necessary steps to defend against attacks, as to fail to do so may make the frequency and severity higher than acceptable or survivable.

As well as trying to prevent and protect, we must prepare – so that we are able to respond and recover.

As much as we think we can envisage the sorts of ills that may befall us, it is better to have an organisational structure and support arrangements that can cope

with a variety of impacts, so that from whatever direction disaster strikes there is a means of response covering physical, personnel, process and technology.

Incident response plans, forensic readiness plans, contingency plans, disaster recovery plans, business continuity plans, civil contingency plans, and all other such good stuff are of no use without ensuring that they are reviewed and tested with all the parties who would contribute to enacting them when required.

As well as having regularly tested and revised plans available, also having contracts and arrangements in place for forensic response, communications, recovery sites, backup equipment and data, helps provide the means of response and recovery in a timely and more cost effective manner.

Throughout, good communications with

INFORMATION SECURITY

all key stakeholders is paramount. Breach notification requirements, and

swingeing regulatory fines, makes it even more prudent to both build defences, to prevent and detect attack, and prepare to respond to breaches – only then can we manage the impact and recover.

Although organisations and individuals understand the need to build and maintain defences against evolving and persistent attacks, we should also prepare for the inevitable. The odds have always been stacked against the defenders, and attackers continue to grow, says Gareth Niblett, Chair, BCS Information Security Specialist Group.

Information Security Specialist Group (ISSG):www.bcs-issg.org.uk

Information Risk Management and Assurance Specialist Group:www.bcs.org/groups/irma

BCS Security Community of Expertise (SCoE):www.bcs.org/securitycommunity

FURTHER INFORMATION

doi:1

0.10

93/i

tnow

/bw

w00

8 ©

2016

The

Brit

ish

Com

pute

r So

ciet

yIm

age:

Thin

ksto

ck

CYBERRESPONSE

March 2016 ITNOW 21

Resensi Bcs

Resensi Bcs

Documents
CECYTE BCS

CECYTE BCS

Documents
Bcs newsletter2013

Bcs newsletter2013

Documents
SUPERCONDUCTIVIDAD BCS

SUPERCONDUCTIVIDAD BCS

Documents
201603 - evoryushun.comevoryushun.com/img/201603.pdf · Title: 201603 Created Date: 10/9/2016 5:07:02 PM

201603 - evoryushun.comevoryushun.com/img/201603.pdf · Title: 201603 Created Date: 10/9/2016 5:07:02 PM

Documents
Transforming BCS

Transforming BCS

Documents
201603 Sylvania Evo Folleto

201603 Sylvania Evo Folleto

Documents
BCS Syllabus

BCS Syllabus

Documents
BCS Softech.docx

BCS Softech.docx

Documents
Closures - BCS

Closures - BCS

Documents
Business Connectivity Services (BCS) Primer Creating BCS Applications Creating.NET Assembly Connectors in Visual Studio 2010 support BCS Security

Business Connectivity Services (BCS) Primer Creating BCS Applications Creating.NET Assembly Connectors in Visual Studio 2010 support BCS Security

Documents
BCS written exam preparation and BCS Preliminary exam preparation

BCS written exam preparation and BCS Preliminary exam preparation

Education
BCS Catalogue

BCS Catalogue

Documents
Informer - BCS

Informer - BCS

Documents
Dahua ConfigTool User's Manual V4.0.0 201603

Dahua ConfigTool User's Manual V4.0.0 201603

Documents
BCS Brochure

BCS Brochure

Documents
Fisheries Management Plan 201603 - Three Runway System

Fisheries Management Plan 201603 - Three Runway System

Documents
BCS Instructions

BCS Instructions

Documents
3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

Documents
Bcs consumerisation

Bcs consumerisation

Technology
201603 MANNA Magazine Saved and Forwarded to Ruth

201603 MANNA Magazine Saved and Forwarded to Ruth

Documents
BCS Portfolio

BCS Portfolio

Documents
BCS Kardiovaskuler

BCS Kardiovaskuler

Documents
BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis

BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis

Documents
BCS Viewbook

BCS Viewbook

Documents
BCS Catalog

BCS Catalog

Documents
Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Documents
BCS ITNow 201403 - Data Loss Prevention

BCS ITNow 201403 - Data Loss Prevention

Data & Analytics
201603 March 7-19 Seminar Highlights

201603 March 7-19 Seminar Highlights

Education
Revista ITNow Nov 2015

Revista ITNow Nov 2015

Documents