About a month ago, I reported on a study from Ponemon Institute and AccessData that revealed that most companies are doing a poor job when it comes to detecting and effectively responding to a cyberattack. As Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement when the report was released:
“When a cyber-attack happens, immediate reaction is needed in the minutes that follow, not hours or days. It’s readily clear from the survey that IR processes need to incorporate powerful, intuitive technology that helps teams act quickly, effectively and with key evidence so their companies’ and clients’ time, resources and money are not lost in the immediate aftermath of the event.”
AccessData’s Chief Cybersecurity Strategist, Craig Carpenter, has been looking at this problem in some depth. We aren’t totally clueless on why these attacks are able to cause tremendous amounts of damage, both financial and reputational, to companies. For example, as information about the Target breach continues to trickle out, we have a pretty good idea of how and why the incident occurred. Our concern now, Carpenter said in a blog post, is fixing these problems. The key, he said, is prioritization and improved integration. In an email to me, Carpenter provided a few steps every company should take to prevent a “Target-like” breach in the future:
Staying ahead of cyber incidents isn’t easy. The bad guys are very good at staying one step ahead. But as Carpenter pointed out with these tips, IT and security staff need to be vigilant at all times.