Having an Effective Response Plan is Crucial After a Cyber Attack, but Survey Results Show Most Businesses Playing With Fire
The scales of time and money can seem hard to balance for many businesses when it comes to emergency cyber response plans, but the recent results from a survey conducted by the SANS Institute showing that only 9% of the businesses surveyed rate their cyber response plans as “very effective” is a real problem which could have far reaching consequences for those trusting luck to keep their sensitive ESI (Electronically Stored Information) and other digital assets safe. With time and money being listed as the primary factors keeping most of those surveyed from having effective response plans, Global Digital Forensics founder, Joe Caruso, talks about how knowing where you stand in the world of cyber threats, pinpointing security weaknesses, developing a reliable response plan, and having emergency responders waiting in the wings, can cost far less time and money than many businesses think.
A big problem
This last Tuesday, on August 12th, the SANS Institute released the results of a survey titled, Incident Response: How to Fight Back . The results don’t bode well for US businesses at all, with over 90% admitting they do not have a “very effective” emergency cyber response plan in place. 62% cited the time involved to develop one as the obstacle, and 60% cited budget constraints. "These are simply unacceptable numbers and reasons,” says Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF) , a premier provider of cyber security solutions, “because it doesn’t have to become a sinkhole of time and resources to develop and maintain an effective cyber emergency response strategy, if you approach the problem the right way.”
Assessment, Testing, Hardening and Response Can be Handled Together
“The best way to reduce cyber security costs, without sacrificing effectiveness, is to tackle more than one front at the same time,” says Caruso. “Every worthwhile plan needs a starting point, and in the world of cyber security, the starting point has to be assessing the threats you face. Every business is unique, so relying on any type of one-size-fits-all solution is simply destined to fail. Our vulnerability assessments are designed to show you exactly where you stand. We look at the entire digital landscape, from the technology in use and the data needs of the client, to regulatory compliance issues and response policies and procedures. So we’ll not only understand the lay of the land and the entire lifecycle of data from creation to destruction, we’ll also be able to show a client where their resources can most effectively be used, without saddling them with unnecessary bells and whistles which will have no real bearing on their cyber security posture. Once we finish the assessment phase, we move on to the penetration testing phase, assuming the role of a real-world attacker to see if we can break through their security. We’ll do everything from launching realistic spear phishing campaigns, the number one gateway for attackers, to making phone calls posing as support to gather network credentials, which is also a common tactic, as well as attempt to exploit other vectors, like operating system and software applications which have not been updated with the latest security patches. And after we’ve gone through the assessment and testing phases, we’ll know the client’s data environment intimately, allowing us to help our client devise an effective response plan from scratch in none exists, or strengthen any existing response policies and procedures based on what we’ve found.”
The Help Needed to Get Back Up After Getting Knocked Down
“The harsh reality is, anyone can become a victim of cyber attackers,” warns Caruso, “from corporate giants like Target, to the watchers themselves like the NSA. The paradigm of cyber security has always favored the attackers because the security side has millions of holes to keep plugged every day, but hackers only need to find one, and it can be new one that’s not even on the radar yet. So it’s not a matter of if, it’s a matter of when, and an organization’s survival will depend on how quickly and effectively they respond. Yet, the survey results showed that over 60% of the organizations that participated don’t have a reliable emergency incident response plan in place because of either the lack of time, and/or budget constraints. But the truth is, it doesn’t have to be such a costly or time consuming nightmare, and we’ve proven it time and time again. We even offer no-retainer SLAs (Service Level Agreements) to our assessment and testing clients so they can not only have experienced professional responders on call 24/7 who are already familiar with their digital landscape, but thanks to our network of responders strategically positioned across the country, we can have boots on the ground in hours if necessary, not days, to assist with the response. But many times we can even start the process of identifying, stopping and remediating the attack instantly with remote capabilities. And the best part is, if there is no attack, having us in the wings ready to go won’t cost the client one red cent. Regular vulnerability assessments and testing are not luxuries, they are necessities in today’s digital world, and we can not only cover those bases for clients, but we can help them develop a customized professional response plan and escalation matrix while we’re at it, all based on the insight we will have already gained through the assessment and testing process. So forget the time and money excuses, the right assistance to help you survive a cyber attack is only a phone call away.”
Customized Cyber Security Solutions Save Time, Money and Aggravation
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics , cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our emergency response page.