Incident Response

Cyber is the latest buzzword in the media. There are many examples of the horrors of cyber attacks. There are also many types of IT security incidents that could easily be classified as a Cyber Security Incident.

The main difference between cyber incidents and regular incidents appears to lie in the source of the attack (a minor criminal compared to a major organisation or syndicate), not in the type of incident, e.g. hack, malware or social engineering. Organisations are seldom adequately prepared for a serious cyber incident. They often lack budget, resources, technology or recognition of the type and magnitude of the problem. In addition, they do not have the software, testing, processes, technology or people to handle sophisticated threats such as Advanced Persistent Threats (APTs).

Preparing for a Cyber Incident

Research revealed that few organisations are prepared in terms of:

Responding to a Cyber Incident

Phase 1 - Prepare

Phase 2 - Detect

Phase 3 - Respond

Phase 4 - Post Activity / Follow Up