[BreachExchange] Cyber Resilience is Crucial to Maintaining Brand Reputation

[Audrey McNeil]

http://www.securitymagazine.com/articles/87872-cyber-
resilience-is-crucial-to-maintaining-brand-reputation

Every year, we spend more money and time combatting the dark forces of
cyber space: state-sponsored operatives, organized crime rings, and
super-hackers armed with black-ops tech. The attack methods mutate
constantly, growing more cancerous and damaging. Massive data breaches and
their ripple effects compel organizations of every kind to grapple with
risk and security at a more fundamental level.

The harm done to brand reputation can be long lasting and hard to control.
Breached companies are liable for significant restitution to customers and
suppliers, face closer scrutiny and higher fines from regulators, and often
struggle with sudden drop in sales or loss of business. The appearance of
negligence, repeat attacks or unpredictable fallout from a breach can
significantly unravel public goodwill that took decades to build. The trust
dynamic that exists amongst suppliers, customers and partners is a
high-profile target for cybercriminals and hacktivists.

Board Involvement

Information risk must be elevated to a board-level issue and given the same
attention afforded to other risk management practices. Organizations face a
daunting array of challenges interconnected with cybersecurity: the
insatiable appetite for speed and agility, the growing dependence on
complex supply chains, and the rapid emergence of new technologies.
Cybersecurity chiefs must drive collaboration across the entire enterprise,
bringing business and marketing needs into alignment with IT strategy. IT
must transform the security conversation so it will resonate with leading
decision-makers while also supporting the organization’s business
objectives.

Resilience is Vital

Every organization must assume they will eventually incur severe impacts
from unpredictable cyber threats. Planning for resilient incident response
in the aftermath of a breach is imperative. Traditional risk management is
insufficient. It’s important to learn from the cautionary tales of past
breaches, not only to build better defenses, but also better responses.
Business, government and personal security are now so interconnected,
resilience is important to withstanding direct attacks as well as the
ripple effects that pass through interdependent systems.

I strongly urge organizations to establish a crisis management plan that
includes the formation of a Cyber Resilience Team. This team, made up of
experienced security professionals, should be charged with thoroughly
investigating each incident and ensuring that all relevant players
communicate effectively. This is the only way a comprehensive and
collaborative recovery plan can be implemented in a timely fashion.

Today’s most cyber-resilient organizations are appointing a coordinator
(e.g., Director of Cybersecurity or a Chief Digital Officer) to oversee
security operations and to apprise the board of its related
responsibilities. The new legal aspects of doing business in cyberspace put
more pressure on the board and C-suite. For example, an enterprise that
cannot prove compliance with HIPAA regulations could incur significant
damages even in the absence of a breach, or face more severe penalties
after a successful attack.

Next Steps

We no longer hide behind impenetrable walls, but operate as part of an
interconnected whole. The strength to absorb the blows and forge ahead is
essential to competitive advantage and growth, in cyberspace and beyond.

Here is a quick recap of the next steps that businesses should implement to
better prepare themselves:

Re-assess the risks to your organization and its information from the
inside out. Operate on the assumption that your organization is a target
and will be breached.
Revise cybersecurity arrangements: implement a cyber-resilience team and
rehearse your recovery plan.
Focus on the basics: people and technology
Prepare for the future: to minimize risk and brand damage, be proactive
about security in every business initiative.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170303/afd22393/attachment.html>