Focus on Cyber Incident Response
For Cyber Incident Response, Bad News Needs to Travel Faster
Organizations should set criteria for when a technical incident should activate a broader crisis response, says Mike Barcomb, director of executive cybersecurity exercises at the SANS Institute. Those criteria will be tailored to the needs and unique functions of the organization, but they could include a financial threshold (a predetermined dollar amount is met), reputational element (the news hits a major media outlet or gets shared on social media), or other operational impacts (an incident hampers a key production line).
“If any one of these criteria is met, then we have a crisis,” Barcomb says.
Vulnerabilities Aren’t New, but the Speed of Incidents Is
Fast Facts: How Much Do Data Breaches Cost?
Breaking Silos Leads to Better Security
Boards' Cyber Scrutiny May Grow
Cybersecurity is a Serious Skill Gap for CEOs
How Proactive Incident Response Planning Reduces Breach Costs
