APN News

Five Ways to Fortify Your Cyber Attack Response Plan

By Sunil Sharma, managing director, sales, India & SAARC, Sophos

It’s Friday night and you’re looking forward to a relaxing weekend. You’re just getting ready for bed and that luxurious Saturday morning sleep-in when your mobile phone pings. It’s a frantic message from your IT manager – your company has been hit with a ransomware attack. There is more at stake now than a wrecked weekend, and the decisions you take in the seconds, minutes and hours immediately following the attack will have long-term operational and regulatory effects that can impact your bottom line and business reputation.

When you consider that, according to the Sophos State of Ransomware in 2021 report, 78% of Indian organizations were hit by ransomware in 2021, being hit by a cyber attack is not a case of if but when.

As cyberattacks become more common and more complex, many enterprises are leveraging cybersecurity as a service (CSaaS) – a security model where outsourced specialists provide on-demand security solutions. By leveraging such services, organisations can ensure 24/7 threat hunting, detection and response capabilities through managed detection and response (MDR), which is a key feature of CSaaS.

However, MDR is only a part of the solution. To fully benefit from CSaaS models, organisations need to have a detailed incident response plan in place. With the help of MDR and holistic response planning, organisations can build a complete security operation that protects them against ever-intensifying threats.

MDR: The Cornerstone of Incident Response Planning

Many active attacks tend to become overwhelming very quickly. In a stressful situation it can be difficult to calmly manage vendors, stakeholders, and deployment tools effectively. Adding to the mayhem, not having an incident response plan makes it challenging for leaders to understand the severity of an attack and align their roles and responsibilities throughout the remediation process.

On the other hand, having a proactive response plan allows internal teams to examine various response protocols with the help of rigorous mock situations and tabletop exercises. Further, it also helps organisations to strengthen their responses throughout the plan’s development lifecycle and to identify issues with existing processes.

At the same time, setting up proactive systems allows stakeholders to build internal alignment and formulate the integration of outsourced MDR. MDR, which is powered by human-led threat hunting at scale, ensures that the organisation is safe from incidents that occur. Even in the worst-case scenario, if an incident takes place, MDR helps reduce the negative impacts.

Throughout the entire incident process, from initial threat detection, containment, and neutralisation to the removal of adversaries from the network, internal stakeholders, MSPs, and MDR partners must collaborate to weigh business implications and then determine their next steps. This is why a holistic incident response plan is so important to ensure that every stakeholder understands their role in the remediation process.

To achieve robust internal alignment and streamlined collaboration, here are five key steps to developing a thorough response plan:
