Deloitte Mock a Cyberattack to Teach Business How to Respond

Uploaded on 2015-05-04 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Consulting, TECHNOLOGY--Resilience

 cybersecurity.jpg
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react effectively in such situations.
This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media in New York by consulting firm Deloitte. Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In the event, the participants were executives from various companies.
The exercise is designed to prompt organizations to make decisions so "if there is a cyber-incident, it is better prepared," said Mary Galligan, who is Deloitte's director of cyber risk services and a former FBI agent with experience in online crimes.
Typically, security and IT staff in most organizations are aware of the probability of cybercrimes and are trained to react quickly should one occur. Other business departments of an organization are not usually as aware of what their roles would be in such a scenario, Galligan said. Even those executives who are well equipped to manage a crisis find that "a cyber incident happens faster than anything that they've been used to before," Galligan said.

This work includes not only finding out how the information leaked out and then correcting the problem, but also handling a range of secondary issues. The company must craft a media message and contact all the affected patrons. It must use social media and train its own employees to reassure customers that the retail establishment has taken the breach quite seriously. It must also work with business partners, merchandise manufacturers and banks to ensure they don't sue the company for damages. It must readjust its sales projections, as well as inventory levels, to handle the lull in business that will probably occur in the months to come. 
Finally, they need to answer to the company's board of directors, who are often angrily looking for how these issues are being addressed.
Computerworld: http://bit.ly/1E1E6Nl

« 'Killer Robots' Offer Both Risks & Advantages for Military Use
How Mobility Is Revolutionising Manufacturing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Roka Security

Roka Security

Roka Security is a boutique security firm specializing in full-scale network protection, defending against advanced attacks, and rapid response to security incidents.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Sentia

Sentia

Sentia is an IT and infrastructure firm, with focus on Outsourcing, IT operation and management, Hosting, Co-location, Network, and IT security.

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

Cyber Security & Information Systems Information Analysis Center (CSIAC)

Cyber Security & Information Systems Information Analysis Center (CSIAC)

CSIAC is chartered to leverage best practices and expertise from government, industry, and academia on cyber security and information technology.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

Get Safe Online

Get Safe Online

Get Safe Online is a leading source of unbiased, factual and easy-to-understand information on online safety.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

Blockchain R&D Hub

Blockchain R&D Hub

Blockchain R&D Hub's mission is to serve the needs of blockchain ecosystem as the center of excellence for technology research and development.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

DarkFeed

DarkFeed

DarkFeed is a Threat Intelligence provider that monitors the darknet in real-time, where hackers and Cyber criminals are most active.

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.