November 9, 2023
Post-Attack: What CISOs Need to Know
Adarma recently partnered with HotTopics to host a roundtable at the iconic Abbey Road Studio to discuss the critical actions CISOs must take post-attack, from notifying stakeholders to conducting forensic analysis, all while maintaining calm and resilience.
Led by Matt Hmoud, Head of Security Consulting at Adarma, the discussion explored the human element of cybersecurity and measures to embed operational resilience into the foundations of your organisation.
The panel included seasoned cybersecurity experts Dr David King, former CISO, Legal & General and Visiting Fellow of Kellogg College, Oxford University; Thomas Zuliani, Global CISO at ARLA; Howard Pinto, Group CISO at Camelot; and Bradley Schaudenbuel, VP & CIO at Paychex, Inc.
Watch the highlights video below for their recommendations on how to respond to and recover from a cyber-attack, featuring practical steps to consider before, during, and after an incident. This content is a must-see for CISOs wanting to fortify and future-proof their cyber resilience.
Key Insights
Supply Chain Vulnerabilities: Regardless of the organisation’s size, the supply chain remains a notable weak point. Mitigating this risk requires rigorous vetting of third-party partners and fostering transparency.
Securing the Perimeter: In the event of an incident, it’s crucial to isolate your network immediately to prevent the spread of malware. Lower the drawbridge only when your network is confirmed to be clean and any vulnerabilities have been addressed.
Thorough Investigation: Despite time constraints and pressure, it’s imperative to conduct a comprehensive investigation. Avoid prematurely jumping to conclusions, as it can lead to false starts, wasting valuable time and resources. Learn to push back when necessary and request more time for investigation.
The CISO’s Role: The CISO serves as the linchpin in communication, bridging the gap between cybersecurity teams managing ongoing incidents and the C-suite. Effective communication is pivotal in a crisis.
Sophisticated Threats: Cyber attackers continue to advance their tactics. To counteract this, organisations should invest in consistent user training and bolster cyber awareness across the board.
Incident Simulation: Just as athletes develop muscle memory through practice, organisations should rehearse their incident response plans. This helps ensure that staff members understand their roles during an incident, promoting a coordinated response.
Streamlined Escalation: Make it easy for users to report concerns to the appropriate teams, ensuring a swift response to potential threats.
Trusted Security Providers: Collaborate with trusted security partners who possess the expertise to help you fortify operational resilience within your digital infrastructure. Their actionable threat intelligence can keep your organisation ahead of evolving threats.
Redundancy and Rotation: Prepare backup plans for your backup plans. Ensure you have the necessary systems and personnel in place to support your security teams. Cyber incidents can extend over days or weeks, so having the capacity to rotate your team is crucial to prevent burnout and errors.
To gain a more complete understanding of the cybersecurity landscape, please watch the full video here.