Questions for our Expert, Shane Hasert, CISSP, CISA, CRISC, CTPRP, CTPRA

1) What are 3 specific recommendations to have a successful incident response or flaw remediation program?

2) What are the critical next steps to take after an internal data breach which significantly disrupts business continuity?

3) What are 3 basic cybersecurity hygiene actions Customers can take on their third parties?


Shane will be providing answers to these questions later today. If you have any further questions regarding basic cyber hygiene and risk management information, please submit them in the Comments section. 


Comments

  • 2) What are the critical next steps to take after an internal data breach which significantly disrupts business continuity?

    Once you have detected and confirmed a data breach, whether internal or external, the first step is to contain the culpable system so that forensics can eventually be performed to determine how and when the breach started, and to develop a plan to keep it from happening in the future.

    Next is finding and eliminating the root cause of the breach by updating patching, resetting hardening standards, changing passwords and removing any and all malware. If possible, reimaging the system should be considered and accomplished so the system can be returned to the environment without the fear of another breach.

    Finally, document any lessons learned to identify areas of improvement to your incident response plan, work on improving security measures to prevent the next breach, and prepare communication (internally and externally) as deemed appropriate. Be sure to describe what has been done and what will be done to remedy the breach, and what actions customers can take to protect themselves if they have been affected.


  • 3) What are 3 basic cybersecurity hygiene actions Customers can take on their third parties?

    Since the advent of regulatory requirements (specifically OCC Bulletin 2013-29, Third-Party Relationships: Risk Management Guidance), organizations have made a significant effort to increase due diligence toward third- and fourth-party relationships. As an experienced IT security professional, some of the basic cybersecurity hygiene actions to take and implement with third parties include:

    Identify and prioritize critical services, products and assets being provided on behalf of third parties. All third-party relationships are not created equal, and appropriate scoping of the relationship will give a better understanding of the risks and rewards associated with establishing a long-term relationship (or partnership) with a third party.

    Establish (and practice) an effective incident response plan. While we all would like to think, ‘it couldn’t happen to me,’ the truth is it can, and at some point in time, and to some extent, it will. Whether it be a minor security setting error or a full-fledged data breach, a security incident is in your future; so it is better to prepare and train than to be caught off guard.

    Partner with your third parties to conduct effective cybersecurity education and awareness activities. We have all heard it, “Security is Everybody’s Business,” and there is no better way to instill this motto with your partnerships than to encourage and share cybersecurity education and awareness training that is both pertinent to your business and relevant to current trends and risks.

