Organisations rightly put a lot of effort into cyber security, but what happens when their defences fail?
It’s an essential question in the modern business landscape, because cyber crime is rife and there are countless vulnerabilities to manage. It only takes a single mistake for disaster to strike, and you cannot guarantee your organisation’s safety.
According to a UK government report, almost two in five businesses reported a data breach last year.
Given this startling fact, it’s clear that cyber security alone isn’t sufficient. You must also know how to respond to a cyber attack.
This begins with incident response planning. By creating a plan for a security incident, everyone in your team can prepare for the inevitable and control the damage, both in terms of the financial impact and reputational damage.
Experts recommend that organisations embed incident response planning within their overall cyber security practices – a technique known as defence in depth.
The framework contains five interrelated stages: detection, protection, management, response and recovery.
Defence in depth is designed to protect organisations on multiple fronts; even if one layer is compromised, the next works to further contain the damage.
In this blog, we look at how incident response fits into the framework, and how you can use defence in depth to respond to cyber attacks.
What is cyber response?
Cyber response is a part of wider business continuity management. It helps your organisation put plans in place to cover all types of disruption, from cyber security incidents and natural disasters to power outages and pandemics.
Having such a plan is crucial when it comes to breaches of personal data. That’s because, under the GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, organisations must report serious security incidents to their data protection authorities within 72 hours of being aware of the breach.
Meanwhile, Article 32 of the GDPR states that organisations must be capable of restoring the availability of and access to personal data in the event of a breach. Organisations in critical infrastructure are also subject to these requirements under the NIS Directive (EU Directive on security of network and information systems).
See also:
- How Defence in Depth Can Help Organisations Tackle Complex Cyber Security Risks
- Stage 1: How to Detect a Cyber Attack
- Stage 2: How to Protect Your Organisation from a Cyber Attack
- Stage 3: How to Manage Your Cyber Risks
Organisations need a robust business continuity management system, combined with cyber security and data protection audits and supply chain security to minimise likelihood of the attack and the impact it will have.
By implementing a cyber incident response management plan, you won’t waste valuable time when disaster strikes.
Effective cyber incident management can also reduce the risk of future breaches and help you detect incidents earlier.
How we can help
Whatever your resources or expertise, a defence-in-depth approach to cyber security will give you the best chance of mitigating the cyber security risks your organisation faces. This enables you to focus on your core business objectives without having to worry about coming under attack.
IT Governance has everything you need. Get in touch today to find out how we can help you secure your success.
A version of this article was originally published on 25 October 2022.
