By Sunil Sharma
It’s Friday night and you’re looking forward to a relaxing weekend. You’re just getting ready for bed when your mobile phone pings. It’s a frantic message from your IT manager — your company has been hit with a ransomware attack. There is more at stake now than a wrecked weekend and the decisions you take in the seconds, minutes and hours immediately following the attack will have long-term operational and regulatory effects that can impact your bottom line and reputation.
As cyberattacks are becoming more common and complex, many enterprises are leveraging cybersecurity as a service (CSaaS) — a security model where outsourced specialists provide on-demand security solutions. Organisations can thus ensure threat hunting, detection and response capabilities through managed detection and response (MDR), a key feature of CSaaS.
However, MDR is only a part of the solution. To fully benefit from CSaaS models, organisations need to have a detailed incident response plan in place. Many active attacks tend to become overwhelming very quickly. Not having an incident response plan makes it challenging for leaders to understand the severity of an attack.
On the other hand, having a proactive response plan allows internal teams to examine various response protocols with the help of rigorous mock situations and tabletop exercises. At the same time, setting up proactive systems allows stakeholders to build internal alignment and formulate the integration of outsourced MDR. MDR, which is powered by human-led threat hunting at scale, ensures that the organisation is safe from such incidents.
Here are five key steps to developing a thorough response plan:
Stay agile: Some components of response plans will require a flexible approach. Even with a solid plan in place, organisations need to be able to adapt to new threat evolutions and to modify their plan accordingly.
Prioritise cross-team collaboration: All areas of an organisation are affected by a cyberattack. Ensure all teams — finance, legal, marketing, PR and IT — are involved in the decision-making process and risk assessment.
Maintain good IT environment hygiene: A robust IT environment reduces the risk of incidents. Hence, it is important to keep a check on security controls so that unpatched vulnerabilities and risky exposures, such as open remote desktop protocol (RDP) ports, are found and resolved.
Keep a hard copy of incident response plans: Ensure you have a physical copy of your response plan. If a company is ever attacked, digital copies of the strategy may be among the files encrypted.
Leverage MDR specialists with incident response experience: Even the most experienced internal security team can benefit from an MDR operations team with industry knowledge and experience dealing with attacks. These service providers are well educated about the threats that are lurking and know how to respond quickly and efficiently.
The writer is managing director, sales, India & SAARC, Sophos