Ready For (Nearly) Anything: Preparing Your Organisation For A Cyber Incident

Every organisation has experienced, or will experience, a cyber security incident; depending on how you define the term, most have multiple every day. Increasingly punitive data protection law, plus increasing public awareness and scrutiny of organisations’ responses, means that it’s more important than ever to respond effectively. However, many cyber security teams still struggle to do so. In this talk, Gabriel Currie covers the five key things that cyber security teams should have in place to prepare for an incident, which will improve the efficiency and effectiveness of their response. (1) Documented processes with the considerations, decisions and actions to be taken in an incident (2) Skilled and experienced people to lead and deliver the response (3) Logs to gain an understanding of what has happened, when, and how (4) Containment and eradication technology to take actions that mitigate risk (5) Coordination technology to communicate and collaborate, delegate and track actions, and manage delivery