Introduction - Incidence Response Plans: Advice and Best Practices (02:08)
Cyber-attacks cost corporations, governments, and individuals over $100 billion each year collectively. This video features Peter Vogel and is intended to inform professionals on the latest trends in creating an IRP. This segment orients viewers to the topics that will be covered in this video including the cybercrime landscape today, addressing plan deficiencies, and collaborating with stakeholders.
The Cybercrime Landscape (05:06)
Corporations have increased their security budgets by 24% in 2015. Most businesses have been attacked by the Chinese, but may not know it. Companies need to hire a CISO to ensure that someone is monitoring internet security; cyber intrusions occur 8 months prior to a cyber-attack.
How IRPs differ from DRBC plans (04:06)
Vogel describes how IT builds solutions around a technology's "mean time between failures." When there is a cyber-intrusion, there are different steps to implement than in a disaster. In an Incidence Response Plan, C-level executives must investigate what data was breached, decide if they need to alert police or another organization, and examine what laws apply at the customer's location.
Where IRPs Fall Short: Incidence Response Plans (04:58)
Half of the corporations surveyed have an overall security plan, hired a CISO or CSO, sponsor employee training about security risks, and support security baseline standards. Incident Response plans fail because divisions and executives do not engage in the set protocol. Vogel explains that corporations should regularly review it and need to be taken seriously.
Elements of a Well-Designed Plan: Incidence Response Plans (04:50)
Executives need to commit to the Chief Information Security Officer. Target had $100 million in cyber-insurance, but claims reached a billion dollars. Key Stakeholders include the CEO, CFO, CIO, CISO, and the General Counsel; Vogel explains how hiring an outside counsel protects the company from litigation because attorney-client privilege extends to the forensic accountants.
IRP planning: Incidence Response Plans (09:53)
Vogel explains how incidence response plans differ from disaster recovery and business continuity plans. Seek a cyber-insurance policy that is specifically designed for your type of business for protection. 47 states have different legal requirements regarding cyber-attacks and data breaches.
Conclusion - Incidence Response Plans: Advice and Best Practices (02:49)
Corporations need to take cyber-attacks and IRPs seriously. Every business should consider how an attack might impact them and prepare for it. Cyber-insurance rates increase if an organization has already had an intrusion.
For additional digital leasing and purchase options contact a media consultant at 800-257-5126
(press option 3) or firstname.lastname@example.org.