Connect with us

Hi, what are you looking for?

HEADLINES

What to do before, during, and after a cyber attack

20160122 Symantec - Corporate Portraits  (397) croppedBy Yuh Woei Tan, Symantec Senior Director for Cyber Security Services

With around 33.6 million of internet users in the Philippines and a staggering 22 percent increase in internet penetration in the past year, the Philippines stands as a very attractive target for cybercriminals.

Based on the 2014-2015 Philippine Cybercrime Report published by the Department of Justice-Office of Cybercrime, intellectual property theft is deemed a major threat not only to consumers but to businesses as well. Records in 2012 showed a surge in intellectual property theft cases, 42% of which were targeted towards manufacturing sectors and small businesses. The report states that consumers and businesses remain susceptible to ransomware and mobile threats, particularly on the Android platforms.

Eventually, your organization will be targeted in a cyber-attack. While security incidents may be inevitable, the consequences of data breaches don’t have to be. Breaches are often the result of a lack of cyber security readiness, early detection, or timely response. So, what are the proactive measures that should be taken against breaches?

Before the cyber attack

Advertisement. Scroll to continue reading.

Take these steps to help your organization before an attack:

• Prepare early and often. Preparation is not just a document. As Symantec’s newly released white paper entitled “Anticipating the Breach” advocates, it’s a living program that needs to be built, tested, and refined—and then tested and refined again and again.

• Build an effective team. Make it a priority to continually develop and grow the security team by assessing their skills, identifying gaps, and training them in realistic scenarios. The security plan is nothing without a solid team behind it.

• Integrate global threat intelligence. Adversaries are constantly changing tactics. Organizations need to create a defined threat intelligence program that continually monitors global adversary trends and campaigns.

During the cyber attack

Advertisement. Scroll to continue reading.

Today, attackers are using sophisticated tactics to evade detection while infiltrating defenses—and many of these attacks go unnoticed for months or even years. Knowing how to react in the midst of an attack is critical.

• Detect and respond quickly. The faster an incident is detected and prioritized as critical, the faster resources can be allocated to respond.

• Apply threat intelligence. Armed with the right level of global threat intelligence, you can go on the offensive and proactively hunt for threat indicators within your own environment. Consider partnering with a security technology and intelligence partner who can help extend the technical and human resources capability of your own security team.

After the cyber attack

• Contain and remediate. Your response team must contain and remediate as fast as possible so an incident does not result in a breach.

Advertisement. Scroll to continue reading.

• Post-attack executive briefing. Have a final executive briefing to review lessons learned and assess your cybersecurity program.

• Training and testing. Incident response teams need constant training, development, and testing to build incident readiness “muscle memory”. Once that incident occurs, a trained and tested response team will be ready to take immediate action.

Overall, incorporate lessons learned from the attack to refine your security program and prepare your teams for future incidents.

 

Advertisement. Scroll to continue reading.

You May Also Like

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

HEADLINES

The Philippines’ global ranking for local threats rose from 76th to 66th, highlighting the need for stronger cybersecurity measures.

HEADLINES

Despite 65% having adopted generative artificial intelligence (GenAI capabilities), 89% of IT leaders are concerned that flaws in GenAI cybersecurity tools could put their...

APPS

PSBank is reinforcing its commitment to security through key enhancements to its PSBank Mobile app.

White Papers

Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address. Business leaders should remember that there’s no such thing...

Advertisement