One of the most telling signs of the strength of a company’s security posture is how the company responds when a cyber breach occurs. Were people prepared? How quickly was it discovered? Did the company itself discover the breach or was it alerted by an external source? There is often an industry-wide evaluation of whether the company’s response to the issue was successful. One high profile example is the 2014 breach of eBay’s customer databases, which resulted in the compromise of over 145,000,000 customer records. At the point of breach, eBay had good visibility of its network, knew where the attackers had been and realised it had been hacked very early on in the process. The company was able to act swiftly to communicate to customers what data was or wasn’t compromised, what customers should do to protect themselves and what steps eBay were taking to mitigate the threat. This contained financial and reputational damage and helped restore customer confidence. Ensuring Employees are Well Versed on Procedure Preparing the response of senior executives to a cyber breach is a key component of Red Teaming. As we discuss in our white paper, the purpose of a Red Team engagement is to simulate the approach a real-world attacker would adopt when targeting a business. This enables the company to understand how their people, processes and technology perform against the Tactics, Techniques and Procedures (TTPs) an attacker would use. A Red Team engagement should also highlight who within the organisation is responsible for publicly responding to a breach. This can include PR directors, investor relations, marketing departments and C-Level executives. Red Teaming doesn’t stop there. It also delivers detailed and practical reports that build on the key findings learned, including any requirements for the technical team, details the risks still present and immediate / strategic improvements that are necessary. The organisation’s information security policy should span the entire business, ensuring that all employees are made aware of the types of potential threats that exist and the actions that everyone must take to keep the company secure. Red Teaming is a powerful initiative to help companies of all sizes reach this goal. Our white paper contains everything you need to know about the process and the value it offers to your business.
25 May 2016