Every company should be constantly focused on preventing, detecting, and having the right capabilities in place to respond to data security incidents. Accepting that incidents are inevitable does not mean that you stop trying to prevent them. Rather, in addition to reducing risk profiles through information governance and implementing preventative security measures, companies must focus on adapting measures to changing risks, faster detection, containment, and effective response. Central to this is improving preparedness based on internal and external “lessons learned.”
The findings in this Report, developed from analyzing over 300 incidents we helped manage in 2015, are an important component of preparedness efforts. We have identified the issues and consequences companies actually experience. Budgets are tight, and employees are continuously being asked to take on more duties. Having insight into how these issues arise and the resulting financial impact can help companies prioritize and focus data security incident preparedness decision making. This Report can also be used to win support for additional personnel and budget increases, and to help management and boards exercise appropriate oversight.
Not convinced that being compromise ready is important? Historically, the primary concern companies had about security incidents was the reputational impact caused by a public disclosure. Our experience shows that disclosing an incident does not, by itself, necessarily cause reputational impact. The hardest hits to a company’s reputation are more likely to occur when the notification shows that the underlying cause should have been prevented or when the company is viewed as not handling the response well. And contrary to what many believe, a company that is quicker to notify is not always viewed more favorably.
We hope you find a way to use these findings to incrementally improve your company’s level of preparedness.