The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on organisations: taking the appropriate measures to comply with the law while simultaneously dealing with the collateral impact of a breach is not a picnic!
The Ponemon Institute Cost of a Data Breach Study 2018 indicates that one in four organisations will suffer a data breach in the next two years.
It’s highly likely that your organisation will be among them, so it’s important to have a plan in place to deal with cyber security incidents. An effective incident response programme can help you detect, react to and respond to incidents in a fast, planned and coordinated fashion, limiting the damage, reducing recovery time and costs, and enabling you to meet the GDPR’s requirements.
Only 30 % of organisations have an incident response plan
However, only about 30% of organisations have an incident response plan in place, according to the PwC Global Economic Crime and Fraud Survey 2018.
Implementing an incident response programme can be challenging
Especially if you’re planning a cyber incident response management programme.
CREST (The Council of Registered Ethical Security Testers) has outlined the ten top challenges of cyber incident response management, giving you a better understanding of what needs to be considered when planning for potential incidents.
- Identifying a suspected cyber security incident.
- Establishing the objectives of an investigation and a clean-up operation.
- Analysing all available information related to the potential cyber security incident.
- Determining what has actually happened.
- Identifying what systems, networks and information (assets) have been compromised.
- Determining what information has been disclosed to unauthorised parties, stolen, deleted or corrupted.
- Finding out who did it and why.
- Working out how it happened.
- Determining the potential business impact of the cyber security incident.
- Conducting a sufficient investigation using forensics to identify those responsible.
Find out now how to build an effective cyber incident response management programme with our upcoming webinar:
15 August 2018 – 15:00 BST