Forward planning is key to combat cybercrime

Earlier this month, the government announced that it will invest $22.2 million from the Budget 2016 to boost cyber security.

Of the $22.2 million, $20 million will be invested over the next four years on a new national Computer Emergency Response Team (CERT), to combat cyber-attacks and cybercrime.

At the time, Amy Adams, Communications Minister stated that “Cybercrime cost our economy $257 million last year and affected more than 856,000 New Zealanders”*.

Liam Rowland, Head of Incident Response and Forensics, APJ at Dell SecureWorks, believes that businesses taking action to protect themselves is the key and that if they don’t, they could be in for a surprise if their systems are compromised.

“Creating the CERT is an indicator that the New Zealand government takes cyber security very seriously,” explains Rowland.

“The worst time to realise you are not prepared for a cyber-security incident is when a breach occurs. Security incidents are crisis situations that place a great deal of pressure on IT staff. Nearly every day the media report on organisations, companies and nation states that are dealing with information security breaches.

“From the smallest companies to the largest conglomerates, organisations around the world are attacked every second of every day and many do not have an incident response plan in place,” says Rowland.

While identifying and understanding the short and long term costs is important, Rowland says the real key is being prepared, “Estimating what a breach might cost today can help a company better develop a plan for the day when an event does occur. Determining potential losses can highlight key areas of opportunity for enhancing security strategy, focusing budget and resources on the right vulnerabilities, and preparing the company to respond quickly and resolve a breach more effectively,” says Rowland.

Rowland’s vital tips for organisations on reducing and mitigating the overall impact of a breach include: 

• Most importantly; don’t wait, take action now
• Understanding the costs of a breach to your organisation
• Plan from a consequence approach - Identifying a hierarchy of consequences based on breach scenarios can focus resources and potential investments in people, process and technology.
• Establish an incident response team and develop a comprehensive incident response plan. Test the plan frequently
• Engage a third party as part of the incident response plan - Third-party security responders should have the capabilities to plan for, detect, identify, and extricate cyber threats from the environment, and they should provide the necessary cyber forensics to assess damage and aid recovery
• Train your employees - Security awareness training can become your first line of defence to prevent the initial intrusion vector of many breaches
• Insure your organisation and make sure it’s got you covered - Purchasing cyber insurance is a good best practice for decreasing some costs of a breach, and can help lower the cost per compromised record
• Get leadership involved - Studies show that involving the board of directors in security decisions has a direct dollar correlation to decreasing the cost of a breach