Granted, a degree of hyperbole might exist in the above statements, but then again it is not entirely far from reality. Two incidents from the recent past come to mind as I conjure up the topic for this blog. In both cases, the entities were reputed brands with thriving businesses over the internet.
In the first case, Card Systems, a leading credit card processing company, went bankrupt and had to be sold off for pennies after MasterCard and Visa categorically ended their business relationship with it following a security breach on account of non-compliance with agreed security best practices. As a result, around 40 million credit card numbers and supporting information were stolen from Card Systems. This information was then used to steal millions from customers.
In the second case, the Federal Trade Commission levied a huge penalty on ChoicePoint, a publicly traded company, ordering it to pay $10 million in civil penalties and $5 million for consumer redress cases. As part of its agreement with the FTC, ChoicePoint will also have to submit to comprehensive security audits every two years for the next 20 years.
Attacks and attackers are getting increasingly sophisticated, and no matter what size or business your organization is, sooner or later you are bound to get attacked. Organizations of all types and sizes have been attacked, and those that were not adequately prepared and did not handle the attacks or security incidents effectively are in some cases no longer around to talk about it.
Cyber attacks do happen and can result in disastrous situations for the organization. Only those organizations that are prepared for dealing with incidents can minimize the chances of a catastrophe and get back to business in a fairly short period of time.
Sample preparation list:
Here is a sample preparation list of items recommended by many consensus-based organizations to help you get started:
• Develop an emergency action plan for dealing with incidents in general.
• Develop policies and procedures for dealing with specific incidents. The policies and procedures should also cover response strategies for specific incidents.
• Create an incident handling team and identify qualified people to join the team.
• Make regular backups and install data integrity software on all critical systems.
• Install proper hardware and software to detect and prevent attacks.
The best way to deal with security incidents and minimize the chances of risk is to get prepared by having proper resources, policies, procedures, tools and technologies in place. Well-documented plans and procedures make sure that you know what to do when an incident occurs and minimize the chances that you will forget something.