Juniper Research reports that cybercrime costs globally will exceed $2.1 trillion by 2019, four times the cost of data breaches in 2015. By 2020, a single cybersecurity breach will cost more than $150 million.
How organizations respond to cyber-attacks and other emergencies can help mitigate any damage and make the recovery process more efficient.
Putting plans in place for emergency response
A recent TechRepublic article highlighted how Critical Event Management (CEM) solutions can optimize integrated response to emergencies such as cyber-attacks, severe weather, power outages and other incidents. To effectively manage an unpredictable situation, organizations need to be proactive and establish a CEM before an incident occurs.
As the TechRepublic article notes, critical events such as cyber-attacks can occur at any moment, but too many organizations are not prepared to manage such events. Generally, organizations’ IT departments steer preparation for cyber events and have plans in place to limit damage and return to normal operations as quickly as possible.
However, research finds that most organizations take a more reactive, ad hoc approach towards applying incident management and response beyond IT. Response activities tend to be highly compartmentalized. Few organizations have programs in place that effectively marshal resources necessary to address critical incidents.
Visit Innovation Enterprise’s Big Data Innovation Summit in Boston on September 11–12, 2018
Strengthening decisions with CEM
CEM provides a true advantage, it enhances organizations’ emergency preparedness by offering a broader view of potential risks. It addresses decisions that can affect an entire company, so critical decisions are not based entirely on an IT department’s perspective. Instead, they’re based on how information resources, employees or other key stakeholders may be at risk.
CEM can assist organizations rapidly form and communicate unified responses to any emergency situation, including cyber-attacks and major IT outages. Within CEM, employees from all departments help make decisions, which reduces the possibility of missing or misjudging critical pieces of information. As a result, an organizational emergency response plan is thorough and effective.
CEM provides an architecture that organizations can work within to effectively prepare for and navigate an emergency incident. The framework includes the following activities:
- Assess: What actually happened and what is the impact? This includes gathering threat data and contextual information needed to assess the magnitude of a risk from a range of sources.
- Locate: This includes identifying employees and visitors who could be in harm’s way, employees needed to resolve the particular event and key stakeholders the event affected.
- Act: When should the response be started?
- Analyze: Review the effectiveness of the incident response. In particular, ask if resources were missing and which tasks took too long.
- Visualize and orchestrate: These important components will help build a complete picture of the security event from multiple viewpoints.
- Communicate and collaborate: Keep employees and key stakeholders informed about what is happening and what they need to do.
A CEM also includes software components designed to ensure high availability of an organization’s resources.
Common CEM use cases
CEM helps organizations target communication to stay operationally sound in case of an emergency. It applies to these aspects of emergency response and others:
- Incident management: CEM offers dynamic incident response capability, with a high degree of automation that draws on multiple integrated systems, workflows and communications.
- IT alerting: An automated response process can involve not only IT operations, network operations and the security team, but also DevOps and storage.
- Safety: By combining the ability to track dynamic employee locations with a mass notification system, businesses can contact employees on their device of choice and provide information to help ensure their safety during location-based emergencies.
- Supply chain: CEM systems can integrate weather, threat and sensor data feeds to assist organizations understanding risks to their supply chain routes and assets, and to know when to reroute shipments to ensure supply.
How can you benefit from CEM
Keep your organization sound during and after a cyber-attack or any other emergency by expanding your preparation. Do not be one of the organizations that simply was not prepared - start investigating how CEM can help you prepare today.