Intelligent CISO Issue 87 | Page 16

LATEST intelligence

4 KEY CONSIDERATIONS TO PERFORM EFFECTIVE INCIDENT RESPONSE

By Carlos De Sola Caraballo
PRESENTED BY ncident response promotes an

I organization’ s increased resilience, but few organizations prepare the right way. Security and risk management leaders must protect their organizations by taking four steps that cover the connections between technology, people and cybersecurity maturity level.

Overview Key Findings
• Security and risk management leaders fail to create an incident response( IR) strategy to mitigate IT and business outages because they assume service providers and / or third-party IR companies can take care of issues.
• IR programs are usually tested once a year, resulting in the inability to swiftly respond to threats impacting the organization.
• Security leaders struggle to meet response objectives in part due to insufficiently defined roles and responsibilities when responding and escalating incidents. This lack of internal team structure results in elongated response times, often creating longer than necessary business disruptions.
• Cybersecurity professionals managing IR are often overwhelmed and overworked, leading to high turnover and lack of preparedness.
Recommendations
Security and risk management leaders responsible for security operations should:
• Develop an IR plan in line with business continuity objectives that includes standard operating procedures, contact lists, communication protocols, SLAs, and roles and responsibilities appropriate to your size and maturity level.
• Create an IR team( IRT) of key cross-functional roles that will establish clear roles and responsibilities to create, update and test IR procedures.
• Build and execute a maintenance schedule to regularly test IR plans, creating a feedback loop to update the plan as internal or threat landscape changes are identified.
• Ensure sufficient job rotation and appealing career paths to retain your talents and mitigate high attrition among responders and to allow cross-functional upskilling to expand your bench of responders.
Download whitepaper at:
16 WWW. INTELLIGENTCISO. COM