浏览资格证书
Find training
Open page navigation
Risk ManagementCloud computingCyber Security

The chances of being hacked or suffering a breach of some sort is now higher than ever and only increasing. It is vital that organisations, large and small, understand what they need to do after a breach, much of which can be summed up in a single word – planning.

This article explains what happens when an organisation is breached, using some examples of real incidents, and then provides some advice on what needs to be done in anticipation of that event.

How do I know I’ve been hacked?

Some of the following may be an indicator that you have been hacked – just being aware is a good start, and means you should do something:

  1. Your device does strange things – works much more slowly, shows strange content, or displays frequent unwanted adverts.
     
  2. Friends tell you they have received lots of emails from you that you didn’t send.
     
  3. You get told that your online account has been hacked.
     
  4. A client asks you to prove how well prepared you are for a data breach.
     
  5. You see strange transactions on your credit card or bank account.

I won’t be hacked, will I?

The world of cyber security is continuing to expose breach after breach of personal, sensitive and confidential information.  There is no evidence at all to suggest this business problem will disappear anytime soon.  There is ample evidence to show that the chances of being breached one way or another is effectively 100% – essentially not if it happens but when it does.

This needs a new way of thinking about risk which, traditionally has considered the likelihood of a risk occurring as the driving force behind countermeasures and mitigations.

Now the main consideration should be the potential impact of a breach, involving the estimation of the value of the information including the expense and difficulty of replacing/recovering it, the embarrassment its loss might cause, and several other factors.

The value of information is assessed by the degree of impact on the organisation suffering a breach of that information, usually recorded in a Business Impact Assessment (BIA).  High impact means the information is high value regardless of the actual content of the information.

Having determined its value and the potential impact of its loss, it is then critical to consider a breach because, whether or not any planning has taken place, it will happen.  So, if it is assumed a breach has happened, what will happen and what should be done?

Continued in part 2.

 

Author- Andy Taylor, Lead Cyber Assessor, APMG

Originally published - 21 June 2017

RELATED PRODUCTS

Silhouette of a back-turned person, shining a helmet torch's beam into a starry night sky. The figure represents NCSC.

NCSC Assured Training

Identify high quality, relevant cyber security training courses

View more
CIISec Product image

CIISEC - Information and Cyber Security Foundation (ICSF)

A brand new, entry level exam for Cyber Security from the Chartered Institute of Information Security (CIISec)

View more
CDCAT® Classic Assessment

CDCAT® Classic Assessment

Our cyber security risk assessment helps you identify the cyber risks facing your business and make an action plan.

View more
Close

资格证书与解决方案

认可的培训机构

Leadership

经认证的培训机构

资格证书与解决方案

选中任意的过滤器并点击“应用”查看结果