Deloitte Mock a Cyberattack to Teach Business How to Respond

 cybersecurity.jpg
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react effectively in such situations.
This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media in New York by consulting firm Deloitte. Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In the event, the participants were executives from various companies.
The exercise is designed to prompt organizations to make decisions so "if there is a cyber-incident, it is better prepared," said Mary Galligan, who is Deloitte's director of cyber risk services and a former FBI agent with experience in online crimes.
Typically, security and IT staff in most organizations are aware of the probability of cybercrimes and are trained to react quickly should one occur. Other business departments of an organization are not usually as aware of what their roles would be in such a scenario, Galligan said. Even those executives who are well equipped to manage a crisis find that "a cyber incident happens faster than anything that they've been used to before," Galligan said.

This work includes not only finding out how the information leaked out and then correcting the problem, but also handling a range of secondary issues. The company must craft a media message and contact all the affected patrons. It must use social media and train its own employees to reassure customers that the retail establishment has taken the breach quite seriously. It must also work with business partners, merchandise manufacturers and banks to ensure they don't sue the company for damages. It must readjust its sales projections, as well as inventory levels, to handle the lull in business that will probably occur in the months to come. 
Finally, they need to answer to the company's board of directors, who are often angrily looking for how these issues are being addressed.
Computerworld: http://bit.ly/1E1E6Nl

« 'Killer Robots' Offer Both Risks & Advantages for Military Use
How Mobility Is Revolutionising Manufacturing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Fortinet

Fortinet

Fortinet is a provider of network security systems. Our products provide protection against dynamic security threats while simplifying the IT security infrastructure.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Muninn

Muninn

At Muninn (aka Wehowsky), we specialize in mitigating potential risks within your network, providing one of the leading network detection and response (NDR) solutions on the market.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

Iceberg

Iceberg

Iceberg has been established to provide companies with cyber security experts who will protect businesses from the unseen threat of cyber crime.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

FirstPoint

FirstPoint

FirstPoint has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

LoughTec

LoughTec

LoughTec secure, manage and connect IT infrastructure for businesses and organisations throughout the UK and Republic of Ireland.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.