07 Oct What means should be adopted for data security and corporate assets
We are in the era of “anything can happen”, technological disruption increases the risks on our businesses exponentially. It is imperative to rethink the information security systems to consider current cyber threats.
From now on, the risk has knocked on the doors of companies in a recurring way,
It’s never safe; Small, medium or large businesses are equal to the threat!
The examples of attack are legion, and still many are passed under silence!
We have always acted to respond to the risks related to the information security systems. Traditionally, we have protected our asset with technical solutions means and risk management methods that are more or less appropriate.
The challenge today is much greater, it focuses on the resilience and durability of activities, protecting our business becomes an emergency. It’s about making a choice about the method, the behavior we have to adopt to deal with these new threats.
“Verizon’s Data Breach Investigations Report 2019 is based on hard data from 41,686 security incidents and 2,013 data breaches from 73 data sources, both public and private, in 86 countries.”
Why, in our opinion, does the answer lie in Cyber-Resilience, which has been much talked about since the proliferation and intensity of attacks, which will become part of our daily lives?
Cyber-Resilience is the sine qua non that companies must adopt, a risk management approach, crisis management: How to act and react to an attack.
Our advice to strengthen this Resilience is based on 4 fundamentals:
- To apprehend his attacker
- Think about the attack, prevent it
- Set up a remediation solution
- Strengthen prevention strategically, operationally and humanely (continuous improvement)
The better it has been anticipated, the better the crisis can be managed both on its technical dimensions (with the aim of a faster remediation as possible), than on the human and organizational: to deliver an internal and external communication prepared serenely, controlled in a measured way facing the urgency that characterizes any crisis situation!
Internally, it is to appease, encourage the team in charge of remediation to avoid stress and the phenomenon “who is the responsible.”
Externally, it is essential to announce the incident, to its customers and partners, and demonstrate that the situation is under control. A leak of information could be much more harmful to the company, than the own admission of an attack suffered and now under control.