FBI Urges Firms to Plan For Cyber Attack

fbijpg-1a13cf4312bb8b00.jpg

An FBI security expert has called on businesses of all sizes to adopt cyber incident response plans to combat a striking increase in global security threats.

Timothy Wallach, an FBI Supervisory Special Agent currently assigned to lead the Cyber Task Force in the US Seattle field office, told V3 businesses should make security planning for cyber incidents a top priority.
"Quite often the FBI responds to companies that don't have an incident response plan at all and they are the ones that have had intrusions in their networks for a year and so everything is stolen," he said.
"The companies that are more sophisticated in terms of security generally have the plan in place."
His comments come in the wake of numerous high-profile cyber attack incidents over the past few years such as the breach of Ashley Madison, the OPM, Target and even a breach of Betty's tea room.
Many of these attacks are thought to have been carried out by government-backed groups, although Wallach said the techniques used for cyber attacks are often he same whether criminals or a nation state which makes attribution tough.
Wallach's comments came after new research commissioned by Trend Micro and Quocirca found that incident response planning, including carrying out 'cyber fire drills', remains underused by UK organisations.
Only 36 percent of companies have cyber fire drills in place, although this is seven percent above the European average.
Rik Ferguson, global vice president of security research at Trend Micro, said a cyber fire drill is an extremely useful tool as it has a "positive feedback loop" built in.
"It seems like the fire drill scenario should be an easy win for most of the organisations in the survey as it's a simple add on, either to training or a penetration test, or ideally putting all of them together to create a fire drill out of things that people are apparently already doing and already paying for," he said.
"It's very important that we as an industry get everybody else to think more about security. There certainly should be a mindset of security first in everything you do."
Bob Tarzey, director of Quocirca, revealed that UK organisations are still more likely to be targeted, and receive a higher number of attacks in comparison with Europe.
However, the research found that the actual impact of a cyber breach is not as damning when the data is contrasted. 

The full security report with a more expansive breakdown of specific types of threats currently faced by UK businesses will be published in October. 

The research also said that 52 percent of European and 53 percent of UK organisations fear that a cyber attack would have a serious impact on their operation. However, the majority of UK businesses said they had measures in place to mitigate targeted attacks.
Ein News: http://bit.ly/1Ltl9eM

However Cyber Security Intelligence analysis does not support this conclusion; as often the company Board believe the reports from their IT teams who sometimes underestimate their own security vulnerabilities. Cyber Security Intelligence will be producing monthly Directors' Reports. Sign up here: http://www.cybersecurityintelligence.com/contact.php

 

« Why Cybercrime Now Exceeds Conventional Crime
The Pentagon Goes Shopping For A New Mobile Phone »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

Cyberens

Cyberens

Cyberens provide cybersecurity consulting services in IT sectors relating to defense and space, banking, industrial control systems and IoT.

BEAM Teknoloji

BEAM Teknoloji

BEAM Technology is an independent Software Quality and Security Testing Center in Turkey.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Mindmajix Technologies

Mindmajix Technologies

Mindmajix is a live and interactive e-learning platform that offers professional online IT training in areas including cyber security.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

Defentry

Defentry

Defentry have created an Ecosystem that lets our users easily monitor, train and resolve their digital security issues.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

Liberty Technology

Liberty Technology

Liberty Technology has a host of highly trained, certified experts who assist our clients with immediate remote support as well as on-site service.

B&L PC Solutions

B&L PC Solutions

B&L PC Solutions deliver top cyber security services on Long Island and New York city to protect businesses from evolving online threats.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Amplifier Security

Amplifier Security

Amplifier Security are on a mission to empower security teams to modernize their practice by connecting the dots between their security stack and their people.

Linx Security

Linx Security

The Linx Identity Security platform enables identity, security, and IT ops teams to finally control the whole identity lifecycle.