Deloitte Mock a Cyberattack to Teach Business How to Respond

Uploaded on 2015-05-04 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Consulting, TECHNOLOGY--Resilience

 cybersecurity.jpg
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react effectively in such situations.
This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media in New York by consulting firm Deloitte. Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In the event, the participants were executives from various companies.
The exercise is designed to prompt organizations to make decisions so "if there is a cyber-incident, it is better prepared," said Mary Galligan, who is Deloitte's director of cyber risk services and a former FBI agent with experience in online crimes.
Typically, security and IT staff in most organizations are aware of the probability of cybercrimes and are trained to react quickly should one occur. Other business departments of an organization are not usually as aware of what their roles would be in such a scenario, Galligan said. Even those executives who are well equipped to manage a crisis find that "a cyber incident happens faster than anything that they've been used to before," Galligan said.

This work includes not only finding out how the information leaked out and then correcting the problem, but also handling a range of secondary issues. The company must craft a media message and contact all the affected patrons. It must use social media and train its own employees to reassure customers that the retail establishment has taken the breach quite seriously. It must also work with business partners, merchandise manufacturers and banks to ensure they don't sue the company for damages. It must readjust its sales projections, as well as inventory levels, to handle the lull in business that will probably occur in the months to come. 
Finally, they need to answer to the company's board of directors, who are often angrily looking for how these issues are being addressed.
Computerworld: http://bit.ly/1E1E6Nl

« 'Killer Robots' Offer Both Risks & Advantages for Military Use
How Mobility Is Revolutionising Manufacturing »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Security Network Munich

Security Network Munich

Security Network Munich brings together leading players in the field of information and cyber security through joint research and innovation projects.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

Jscrambler

Jscrambler

Jscrambler addresses all your JavaScript and Web application protection needs.

Cybertech

Cybertech

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services is a premier Managed Internet Technology (I.T.) company with a focus in cybersecurity risk management and CMMC compliance management.

Paperclip

Paperclip

Paperclip provides paperless solutions while enabling compliance and security for the exchange of critical content.

AuthX

AuthX

AuthX provides secure and seamless log-in capabilities through strong authentication and integrations.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.

CyberGrape

CyberGrape

CyberGrape is a client centric managed services company, providing enterprise leading security solutions and helping companies through their IT risk and security challenges.

Prowler

Prowler

Prowler is at the forefront of the Open Cloud Security movement, championing a new era of transparency, customizability, and community-driven security for cloud environments.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.

Pacific Northwest National Laboratory (PNNL)

Pacific Northwest National Laboratory (PNNL)

PNNL draws on its distinguishing strengths in chemistry, Earth sciences, biology, and data science to advance scientific knowledge and address challenges in energy resiliency and national security.