Adrian Davis, MD of (ISC)2 on the key 2015 stats when it comes to data breaches.
At the R3: Resilience, Response, Recovery conference in London in September, expert speakers addressed 135 information security industry leaders as part of discussions on how to build a robust incident response plan, in the event of a cyber attack.
With cyber security being such a key issue with the likes of Ashley Madison and British Airways making headlines almost every day, the R3 Summit (biztechevents.co.uk/r3/) brought some strong learnings to the fore in terms of combatting cyber attacks.
Eight key takeaways
1. The speed of response is of the utmost importance in the first 48 hours. At the same time, avoid making instant yes/no decisions and think about the implications of each action.
2. Use the word ‘incident’ rather than ‘breach’, to avoid panicking employees, until it’s certain there is a breach.
3. The crisis management team needs to be able to work well under pressure – not just in drills but in the real thing. Turn up the air conditioning during drills to make them uncomfortable and simulate stress.
4. To create an incident response plan, look at a wide range of issues, then industry-specific issues, and then threats specific to your company.
Find the rest of the takeaways on Business Reporter (business-reporter.co.uk/2015/09/30/63-per-cent-of-uk-companies-have-had-a-security-breach-within-the-last-year/)
R3 is part of a wider series of events from London-based Business Reporter, the award-winning supplement distributed with The Sunday Telegraph. The flagship event in this series, TEISS (teiss.eu/), will take place in February next year for the fourth time.
Attracting more than 300 industry leaders, TEISS is the only place in the UK that you can access this many senior level peers from across various industries as well as receive a global perspective from our international speakers. For 2016, the event will focus on what the industry needs right now – education and culture as a solution to cyber security.