TORONTO, Aug. 5, 2015 /CNW/ - Incident response teams are an organization's last line of defence in the unpredictable and fast-paced battle against cyber attacks. These teams are on the front lines in the cyber world, assessing security systems and responding to security threats, as well as resolving issues and controlling damage of system breaches, malware exposure, and other security events.
But not all response programs are the same. Some can hinder, rather than resolve, security threats. KPMG's Forensic team has identified 10 major mistakes that can cripple an organization's response effort to data breaches, cyber-attacks and other security events. Included are the first five mistakes that may arise for incident response teams.
- Plans are not tailored to the organization – Companies should establish policies, processes, and procedures that are tailored to their culture, environment, response personnel and business objectives.
- Plans are only used in real-world incidents – Companies need to put their plans into action and test them with regular frequency before the real event happens – similar to the way fire drills are performed.
- Teams are unable to communicate with the right people in the right way – A centralized communication dashboard, where the incident response team can post details about the current investigation and pull the information as-needed, can help limit the disruptions of constant e-mail messaging, which can overwhelm e-mail inboxes.
- Teams lack skills, are wrong-sized, or mismanaged – Organizations should closely evaluate the need for additional training or internal recruiting assistance to help foster the proper level of experience on the incident response team.
- Help desk activities can destroy critical evidence – Help desk staff should be trained to document their activities in case their actions become part of an investigation.
If you would like to learn more about the remaining five mistakes or would like insight into how companies can manage their response effort to security problems, Kevvie Fowler, KPMG Partner, Cyber Security and National Cyber Forensics Leader, is available for interviews.
KPMG LLP, an Audit, Tax and Advisory firm (kpmg.ca) and a Canadian limited liability partnership established under the laws of Ontario, is the Canadian member firm of KPMG International Cooperative ("KPMG International"). KPMG member firms around the world have 162,000 professionals, in 155 countries.
The independent member firms of the KPMG network are affiliated with KPMG International, a Swiss entity. Each KPMG firm is a legally distinct and separate entity, and describes itself as such.
SOURCE KPMG LLP
For further information: Julie Bellissimo, KPMG in Canada, 416.777.3988, [email protected]