advertisement
You Have Been Hacked, What Next?
You have been hacked. What next? With an increase in cyber threats, organisations need not only to protect themselves against hackers but also to have an effective data breach response plan in case it happens.
In a presentation during the CIO Africa Cloud and Security Summit, Territory ManagerĀ atĀ Symantec by Broadcom Software, Djamil JaddooĀ advised organisations on the need to have an incident response plan that will guide the actions to be taken in case they are hacked.
āAn incident response plan (IRP) is a set of documented procedures detailing the steps that should be taken in each phase of incident response. IRP is an organizational process that enables timely, effective response to cyberattacks,ā he said.
advertisement
According to Djamil, the incident response process includes:
- identifying an attack,
- understanding its severity and prioritizing it,
- investigating and mitigating the attack,
- restoring operations, and
- taking action to ensure it wonāt recur.
It should also include guidelines for roles and responsibilities, communication plans, and standardized response protocols.
The Communication Plan, Djamil says, will enable organisations to treat communications with care, keep stakeholders informed and comply with law enforcement that requires security breaches to be reported to authorities when they happen.
advertisement
Djamil noted that security should not only be a management concern but should cut across all categories of people including customers.
āWe are moving from the board room to the basement. Security is top of mind to all CEOs, CISOs, and Boards, itās never been a better time to approach customers about their security concerns and plans into the future,ā he said.
Companies that fail to take cybersecurity seriously stand to suffer financial and reputational hits.
advertisement
āJust some of the many recent examples of major financial and reputational hits enterprise can suffer. Attackers arenāt going after small, unprotected companies either. Attackers are targeting large enterprises because thatās who has the money to pay out ransoms. And because theyāve found weak spots in these companies’ security postures,ā he stated.