“In our current state of cyber security, security breaches are inevitable. This is an important fact, so I am intentionally repeating it. In our current state of cyber security, security breaches are inevitable.”
FireEye CEO Kevin Mandia, 2011
It has been nearly six years, but not much has changed since FireEye CEO Kevin Mandia spoke those words during his testimony to the U.S. House Permanent Select Committee on Intelligence at an October 2011 hearing.
Having systems in place to prevent as many breaches as possible is only one piece of a thorough defense. Today’s advanced threat landscape also requires a detailed incident response strategy to detect and respond to a breach, along with the expertise to execute it. As soon as an organization identifies an attacker in their network, they need to move quickly to minimize damage to their infrastructure, their brand and their customers.
In our white paper, Are You Ready to Respond? Evaluate and Improve Your Ability to Respond to the Next Attack, we discuss why an incident response plan is essential for every organization, and discuss in detail six key areas for every response plan:
Additionally, the report discusses our approach to assessing an organization’s readiness, and details how we rank each of the six aforementioned capabilities on a scale of 0 to 5. By the end of the report, organization’s will have a clear vision of how to:
- Develop a response plan that safeguards critical systems and information without disrupting core business functions.
- Improve their response system to shorten the time between detecting an intrusion and resolving the breach.
- Evolve their response plan as needs change.