> IBM > Security Essentials for CIO's: Responding to Inevitable Incident

Security Essentials for CIO's: Responding to Inevitable Incident

White Paper Published By: IBM
Published:  Oct 13, 2015
Type:  White Paper
Length:  4 pages

It could come tomorrow, or perhaps two years from now. It could arrive in many forms, perhaps as a distributed denial of service attack or malware siphoning off company secrets. Whatever its shape or nature, the first question is not whether an enterprise-threatening incident will come, but instead when. And the same goes for the one after that. The vital question, of course, is whether you’re prepared.

An enterprise built to thrive must have a team ready and on call every hour of the day to respond to a major incident. In a sense, this unit functions like a hospital emergency room. Everyone must know his or her documented processes and procedures. And much like an emergency at an ER, the challenge is to identify the threat quickly, assess its gravity and potential to spread, and take prompt measures to contain it.

The trouble is that incidents, unlike those at an ER, can affect every branch of business. Some incidents threaten customers, others employees or products. Some might leak sensitive data on partners, relations with governments or intellectual property. The possibilities range as wide as the enterprise itself. This means, daunting as it might sound, that the incident-response team must draw on expertise from virtually every area of the enterprise.

So what steps should a CIO take to build a top-notch system for incident response? We’ve put together a list.

Tags : 
ibm, cio, security, data, cybercriminal, malware protection