Incident Response Beforehand
Kevin Fream
America's Cyberist Helping Financial & Professional Services Avoid Loss, Improve Business, and Eliminate Doubt
Download an example Incident Response for your company. Most organizations aren't prepared for the inevitable even though it's state and federal law.
For the last 20 years, it's been the same story over and over. There's a cybersecurity incident at some organization. If it's a big brand, government target, or recognized celebrity then there is a media frenzy with a terse public statement by the victim followed by wild speculation of inept practices or sophisticated cybercriminals. The bigger the dollar loss or individual privacy violated, the better the story.
Fines are paid. Lawsuits are defended. Insurance claims are filed. Forensics experts are hired. Marketing statements are published. Customers are notified.
Information technology personnel get new systems, and the rest of the staff get a brief webinar. A quarter later the public statement is removed from the website, the incident is forgotten, and business returns to normal - until the next time.
For the average business it often means bankruptcy, either immediately or in a few years. The burden is devastating with unexpected expenses, lost customers, lower revenues, disgruntled employees, and damaged reputation.
Change Order and Focus
What if you reversed the problem? Instead of ignoring the inevitable and reacting afterward, what if you published your process for incident response before any security incident? Incident response readiness shows your commitment to protecting customer privacy and allows a quick and minimal update when there is a cybersecurity threat. It's actually been a requirement by your state and the IRS and FTC since 2018, along with having a security plan.
The next thing most organizations don't have in place is regular data breach training with a security awareness score, overall and by employee. Often security policies are only mentioned at time of hire. All the effort and expense is put into trying to prevent an attack with cybersecurity products and services, but little effort is made to educate staff, who 90% of the time fall for phishing and other scams with no hacking by cybercriminals.
Stop guessing and hoping your staff won't fall victim to a scam and know your Employee Secure Score (ESS). Request free Data Breach Training today.
Security Incident Myth
The common belief is that cybercriminals are easily hacking every technology. While it's true most consumer devices are easily accessed, the reality is that 97% of security incidents are due to human error. TV and movies portray soldiers or police eliminating cyber-terrorists or arresting cyber-punks. However, there is no Geneva Convention for cyberwarfare and cybercrimes are rarely solved. There is also no guarantee that cybersecurity insurance will pay your claim.
The VP of Sales receives an e-mail from a vendor requesting payment that is late, along with some wiring information. It's a critical customer project that will be quite lucrative for the firm, so he forwards it to Accounts Payable, copying the rest of management (so they are aware). 45 days later the vendor contacts the VP again, and he confirms that the wire was already sent. It's only then that he realizes the e-mail address wasn't the same and the wiring information was for a different company in Russia.
He wasn't hacked. Neither he nor anyone on the team read the e-mail closely. Accounting also didn't confirm the wiring information with a simple phone call. No password protection or software would have prevented his action. $400K was wired away, which is not covered by the FDIC, and nothing can be done about a standard banking transaction over 30 days old. Unfortunately, this story happens virtually every day.
Cunning Pitch
If you do a search for "Incident Response", you'll see ads from AT&T to CDW - along with various cybersecurity products. Incident response is a straightforward business process and not a monthly monitoring service or expensive consulting package.
Don't delegate your responsibility to a distributor or Internet Service Provider, as they don't have the expertise or ability to identify threats, much less correct them afterwards (which also makes any reporting suspect). The main reason these players offer incident response services is because they've had to learn from various data breaches of their own.
Incident response shouldn't be just a blog post for a managed service provider or any financial or professional firm. It should be prominently displayed on the website to show regular practice and commitment to customer privacy.
Amazingly, major brands with widely publicized data breaches and even supposed cybersecurity firms have no published incident response.
Incident Response Red Alert
In the first 45 days of the year, dozens of companies have been breached, from the heavily hyped SolarWinds and Mimecast to the lesser-known Ubiquiti and Pixlr. For clients or prospective clients we have this notice published:
Every organization is required to practice and publish regular incident response by state and federal law, yet few have been informed because the "experts" they depend upon are inept or uninformed.
In 30 minutes a cyberist specialist can give you the answers you need to compare any IT service provider and decide if we're a fit for you - at no cost or obligation.
For the latest in competitive advantage, follow Kevin Fream on LinkedIn.
President at Celeretech Inc | Small Business IT Services, VoIP, IT Support, IT Security, Backup & Disaster Recovery
4 years ago: Thanks Kevin. I always enjoy reading your take on things IT. I feel that most companies prefer to look the other way when it comes to cyber protection and hope it never happens to them.