With cyber security threats on the rise, can any of us say that we are truly prepared for an attempt by cyber criminals to break into our networks? With threats constantly evolving, a compromise of your systems is potentially a matter of when, not if. Before your organization falls prey to cyber criminals, spend some time, and some money, planning ahead and testing your own defenses. As the saying goes, "It takes a thief to catch a thief."
Have a Cyber Security Plan
Work with a knowledgeable consulting firm to build an incident response plan that outlines the major incident scenarios you are most likely to face, the contact details of the people to engage during an incident, and the rules of engagement for the overall response process. Be sure to include reporting and communications templates as well: those are the last things you want to be designing in the middle of an incident.
Test Your Controls
Use a little friendly, ethical hacking to test your systems. Organizations have contracted consultants for years to perform penetration testing on Internet-facing systems, but as the network perimeter keeps shifting, many organizations are not adequately securing or testing their mobile devices and the applications that access their core business infrastructure. Industry analysts forecast that about 75 percent of mobile applications would fail basic security tests through 2015. These devices and apps are target-rich opportunities for cyber criminals, especially when security was neither designed in nor configured correctly in the first place, so they should be part of your incident preparation activities.
Exercise Your Plan
Many organizations today are taking a lesson from the military and other first-responder organizations, which run a variety of exercises to test their incident response plans. No one can really plan for a "black swan" event, but you can still test your response to the likely major incident scenarios outlined in your incident response plan. Exercises range from tabletop scenarios, where participants sitting around a table walk through the response actions step by step, to full live war-gaming, with an active response to simulated attacks carried out by your friendly ethical hackers.
Update Your Plan
Based on the findings from your penetration testing and your incident response exercises, go back and update your plan to capture the lessons you learned. At a minimum, review and update the incident response plan annually to address the evolving threat landscape and changes in your organization's information technology and cyber security environment.