Are you prepared to respond?

We are constantly told that there are two kinds of businesses – one that has been breached and one that will be. If a breach is inevitable, why do we spend so much money on prevention and very little on detection and response when an Incident Response Plan may be your saving grace.

Prevention, Detection & Response

It seems that there is an imbalance between prevention, detection and response for many companies. Admittedly, getting funding for writing policies and procedures for Incident Response is a lot more difficult than a shiny new firewall that has lots of blinking LEDs. Besides, implementing firewalls, web application filters, and that fancy port access system you just acquired, are just plain fun to play around with – who wants to write documentation anyway?

I do, actually

It’s time for a shift in thinking. Having a plan to know what to do when an incident occurs must be top priority – especially if the InfoSec pundits are right about everyone eventually getting breached.  The ability to detect incidents is obviously a prerequisite to having an incident response plan. In my next post, I will talk about why many companies don’t have the visibility they think they do when it comes to detecting incidents.

If you need some help putting together an Incident Response Plan, Peters & Associates can help you put together the basics quickly and also guide you through establishing a long-term strategy.  Contact us to speak with one of our security solution experts at info@peters.com or 630.832.0075.

By |2018-12-18T12:17:46-05:00February 8th, 2017|Security Solutions|Comments Off on Are you prepared to respond?

About the Author:

As the Information Security Architect at Peters & Associates, Thomas Johnson (TJ) is responsible for providing security and compliance leadership. This includes such areas as vendor management, disaster recovery, business continuity, data protection, security products, budgeting and risk management. He has over 25 years of experience in security and technology and has extensive compliance related expertise in banking and healthcare. TJ holds many security related certifications as well as a Master’s Degree in Information Technology Management with a specialization in Information Security from the Illinois Institute of Technology in Technology. TJ focuses on Security Leadership, Risk Management, Information Security Assessments, Compliance Management and DR / BCP.