Deloitte Mock a Cyberattack to Teach Business How to Respond

Uploaded on 2015-05-04 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Consulting, TECHNOLOGY--Resilience

 cybersecurity.jpg
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react effectively in such situations.
This was one of the main lessons taught in a cyber incident war-gaming exercise held for the media in New York by consulting firm Deloitte. Deloitte typically conducts such exercises on behalf of large organizations that want to prepare for when they are hit by a major computer breach. In the event, the participants were executives from various companies.
The exercise is designed to prompt organizations to make decisions so "if there is a cyber-incident, it is better prepared," said Mary Galligan, who is Deloitte's director of cyber risk services and a former FBI agent with experience in online crimes.
Typically, security and IT staff in most organizations are aware of the probability of cybercrimes and are trained to react quickly should one occur. Other business departments of an organization are not usually as aware of what their roles would be in such a scenario, Galligan said. Even those executives who are well equipped to manage a crisis find that "a cyber incident happens faster than anything that they've been used to before," Galligan said.

This work includes not only finding out how the information leaked out and then correcting the problem, but also handling a range of secondary issues. The company must craft a media message and contact all the affected patrons. It must use social media and train its own employees to reassure customers that the retail establishment has taken the breach quite seriously. It must also work with business partners, merchandise manufacturers and banks to ensure they don't sue the company for damages. It must readjust its sales projections, as well as inventory levels, to handle the lull in business that will probably occur in the months to come. 
Finally, they need to answer to the company's board of directors, who are often angrily looking for how these issues are being addressed.
Computerworld: http://bit.ly/1E1E6Nl

« 'Killer Robots' Offer Both Risks & Advantages for Military Use
How Mobility Is Revolutionising Manufacturing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

Cyber Security Malta

Cyber Security Malta

Cyber Security Malta is part of Malta's National Cyber Security Strategy which aims to combat cybercrime, strengthen national cyber defence and provide cyber security awareness and education.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

RMRF Tech

RMRF Tech

RMRF is a team of cybersecurity engineers and penetration testers which specializes in the development of solutions for early cyber threat detection and prevention.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Vaultinum

Vaultinum

Vaultinum are a trusted independent third party specialized in the protection and audit of digital assets.

McKinsey & Company

McKinsey & Company

McKinsey & Company is a global management consulting firm. We are trusted advisor to the world's leading businesses, governments, and institutions.

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.