You have been hacked. What next? With an increase in cyber threats, organisations need not only to protect themselves against hackers but also to have an effective data breach response plan in case it happens.
In a presentation during the CIO Africa Cloud and Security Summit, Territory Manager at Symantec by Broadcom Software, Djamil Jaddoo advised organisations on the need to have an incident response plan that will guide the actions to be taken in case they are hacked.
“An incident response plan (IRP) is a set of documented procedures detailing the steps that should be taken in each phase of incident response. IRP is an organizational process that enables timely, effective response to cyberattacks,” he said.
According to Djamil, the incident response process includes:
- identifying an attack,
- understanding its severity and prioritizing it,
- investigating and mitigating the attack,
- restoring operations, and
- taking action to ensure it won’t recur.
It should also include guidelines for roles and responsibilities, communication plans, and standardized response protocols.
The Communication Plan, Djamil says, will enable organisations to treat communications with care, keep stakeholders informed and comply with law enforcement that requires security breaches to be reported to authorities when they happen.
Djamil noted that security should not only be a management concern but should cut across all categories of people including customers.
“We are moving from the board room to the basement. Security is top of mind to all CEOs, CISOs, and Boards, it’s never been a better time to approach customers about their security concerns and plans into the future,” he said.
Companies that fail to take cybersecurity seriously stand to suffer financial and reputational hits.
“Just some of the many recent examples of major financial and reputational hits enterprise can suffer. Attackers aren’t going after small, unprotected companies either. Attackers are targeting large enterprises because that’s who has the money to pay out ransoms. And because they’ve found weak spots in these companies’ security postures,” he stated.