Cyber breach response management


Response to cyber breaches must mature to address wide-ranging business impacts.

The potential impact of cybercrime requires that cybersecurity be viewed as a business risk, rather than a simple IT issue. Fundamentally, because a cyber attack may affect a business’s operations, financial statements and legal exposure, its reputation is on the line.

While businesses worldwide have increased the priority of cybersecurity risk, their focus has been primarily on protecting their information by preventing breaches; unfortunately, the current threat environment is such that it is only a matter of time before all businesses will suffer a major cyber breach.

To adequately address these likely large and complex breaches, it is necessary for companies to develop a strong, centralized response framework as part of the enterprise risk management strategy.

A centralized, enterprise-wide cyber breach response program (CBRP) is the focal point that brings together the wide variety of stakeholders that must collaborate to resolve a breach. It needs to be run by someone who is equipped with in-depth legal, compliance and technology experience, and is able to manage the day-to-day operational and tactical response.

The CBRP goes beyond the capacity of a traditional program management office (PMO). In its coordination and oversight role, the CBRP can help ensure that an organization’s business continuity plan is appropriately implemented, develop and enforce a communication and briefing plan among all internal stakeholders, and centrally manage all breach-related inquiries received from external and internal groups.

In short, it provides guidance to all lines of business involved in the response, sets a level of understanding about what information is critical for senior leaders to know, as well as when and how to express it, and allows continuous reaction with precision and speed as a breach continues to unfold over days, weeks or even months.

For more details, download the full report.
