Do we have a cybersecurity task force in place?
Cybersecurity professionals are taught to think of when (not if) a breach will occur. Planning for a breach means creating a task force across an organisation that designates who will be involved in disclosing the attack to customers (the CMO), who will be responsible for securing a network (the CISO, CSO, and CTO), and who will handle legal ramifications of the breached information (legal, customer, and HR departmental leads). Although creating a cybersecurity task force within an organisation is considered a best practice, most organisations don’t have a task force in place at all.
According to a Microsoft Information Security survey, 63% of financial executives of enterprise-level companies believe they are “just keeping up with security threats,” 28% believe they are ahead of these threats, and 9% feel they are lagging behind.¹
Who should be involved?
Security analysts and the IT department will make up a large portion of the task force. But don’t overlook the importance of legal, finance, investor, and public relations support. Anyone who would contribute to a breach cleanup should be included on a cybersecurity task force and be ready to take action.
¹ Microsoft Information Security Survey, September–October 2015