Home » cyber security » Controlling, Containing and Recovering from Cyber Security Incidents
cyber security incident response

Controlling, Containing and Recovering from Cyber Security Incidents

Company stakeholders and IT personnel alike know that cyber security incidents can do a lot of damage in a hurry. Between the costs of recovery, lost business, reputational damage and fines, organizations can easily spend millions on a single incident. In fact, the Ponemon Institute reported the average per-incident cost of data breaches to be about $3.5 million – a 15% increase over the previous year.

Efficient actions and responses that contain and mitigate threats can significantly reduce the cost of an incident, according to the Ponemon’s research. And that means IT personnel’s ability to quickly identify and resolve issues is critical for risk management.

In cyber security, acting quickly and efficiently takes some planning and preparation. It requires the intelligence to locate and prioritize threats, as well as clearly define procedures for shutting them down. Security teams seeing hundreds or even thousands of alerts on a daily basis need to be able to sort through the clutter to locate and act on the most damaging threats.

But this doesn’t happen without the right strategies and tools.

If your organization is trying to build a streamlined and sustainable incident response plan, the following are some strategies you should apply:

  • Automate risk prioritization. Simply identifying malware and vulnerabilities isn’t enough to inform a workable strategy. Security teams need guidance on where to focus. One way to get this guidance is to leverage tools that incorporate threat evaluation and prioritization in the identification process.
  • Make it personal. Every organization is unique in the design of its infrastructure and the systems that are most critical to its business. It’s important to work this design into the evaluation process and the action strategy that follows. Expert cyber security consultants can help refine your tactical approach specifically for your business.
  • Get it on paper. Your approach to both cyber security incident prevention and response needs thorough definition with regard to roles, responsibilities and procedures. And to maintain a repeatable process, you’ll need to get it all down on paper. Working with a security advisor who has experience with the planning process can help ensure nothing is left uncovered.

Lunarline offers incident response and malware detection services that provide the actionable intelligence and process definition our clients need to keep cyber security events from becoming risk management nightmares. For more information on how we can help your organization, visit Lunarline.com or drop us a line

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.