Incident Response: Are you ready?
I am a big proponent of “what if” planning. Are you? I spin through what-if scenarios every day. Sometimes I ponder unlikely events, like: what would I do if I came across a bear while hiking in the forest? Or, a more positive but equally unlikely example: what if I won a million dollars? Either way, I’d want to be prepared.
Security professionals experience “what if” scenarios every day as well: what if we experience a data breach? If my organization suffers loss from a breach, what happens to the business down the road? Unlike my scenarios, the likelihood of the breach occurring is very high and you may not even know it has happened. According to industry reports, it can take organizations more than 100 days to discover security incidents within their own environments. And due to resource constraints, nearly half of these incidents are never even investigated.
Think about that. Attackers lurking within corporate networks for months at a time. They continue to work smarter and faster, only needing to find one vulnerability to get inside a network. Meanwhile, the exploding number of new technologies, devices, and users on enterprise networks makes it unfeasible to block every attack all the time.
An incident response plan is critical for security.
What do you do? You hope for the best and plan for the worst. You put the right people, products, and processes in place to protect your organization from most threats. Indeed, with the right technology, threat intelligence and expertise, our Cisco Security teams have shown you can reduce time to detection to hours. But you expect attacks to slip through the cracks and you plan for it.
To help you build your own “what if” scenario for breaches, we built an interactive experience for you. Perhaps you’re aware that your organization should have a formal incident response plan. Or maybe you already have one. But are you completely clear on all the components that should make up such a plan? Or what to do when things go wrong?
The cornerstone of our interactive experience is a short eBook to help you build and strengthen your incident response plans. Even if you feel like you’ve got a solid strategy in place, check out this resource to see if there’s anything else you could be doing to make it stronger.
Today’s attackers are relentless. We want to help you be just as relentless in your defense and response planning.
https://blogs.cisco.com/security/incident-response-are-you-ready