Deloitte Mock a Cyberattack to Teach Business How to Respond

Uploaded on 2015-05-04 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Consulting, TECHNOLOGY--Resilience

 cybersecurity.jpg
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react effectively in such situations.
This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media in New York by consulting firm Deloitte. Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In the event, the participants were executives from various companies.
The exercise is designed to prompt organizations to make decisions so "if there is a cyber-incident, it is better prepared," said Mary Galligan, who is Deloitte's director of cyber risk services and a former FBI agent with experience in online crimes.
Typically, security and IT staff in most organizations are aware of the probability of cybercrimes and are trained to react quickly should one occur. Other business departments of an organization are not usually as aware of what their roles would be in such a scenario, Galligan said. Even those executives who are well equipped to manage a crisis find that "a cyber incident happens faster than anything that they've been used to before," Galligan said.

This work includes not only finding out how the information leaked out and then correcting the problem, but also handling a range of secondary issues. The company must craft a media message and contact all the affected patrons. It must use social media and train its own employees to reassure customers that the retail establishment has taken the breach quite seriously. It must also work with business partners, merchandise manufacturers and banks to ensure they don't sue the company for damages. It must readjust its sales projections, as well as inventory levels, to handle the lull in business that will probably occur in the months to come. 
Finally, they need to answer to the company's board of directors, who are often angrily looking for how these issues are being addressed.
Computerworld: http://bit.ly/1E1E6Nl

« 'Killer Robots' Offer Both Risks & Advantages for Military Use
How Mobility Is Revolutionising Manufacturing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Shadowserver Foundation

Shadowserver Foundation

Shadowserver Foundation aims to improve internet security by raising awareness of compromised servers, malicious attackers and the spread of malware.

SBS CyberSecurity

SBS CyberSecurity

SBS CyberSecurity is a premier cybersecurity consulting and audit firm.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

CERT.lu

CERT.lu

CERT.lu is an initiative to enhance cyber security practices and techniques, and support security professionals in Luxembourg.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

Aquia

Aquia

Aquia are on a mission to enable innovation and drive transformative change to solve the world’s most pressing and complex cybersecurity challenges.

Vultara

Vultara

Vultara provides web-based product security risk management tools for electronics manufacturers.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.

Hiya

Hiya

Hiya's mission is to secure voice with trust, identity and intelligence. We're protecting people from spam and fraud calls, and helping carriers secure their networks for all.

DeepStrike

DeepStrike

DeepStrike is a cutting-edge penetration testing company that specializes in providing Penetration Testing as a Service (PTaaS) and continuous penetration testing solutions.