On Monday we published our fourth annual Data Security Incident Response Report, which provides an analysis of the more than 560 cyber incidents handled by the team in 2017. Reflecting on the increasingly sophisticated nature of attacks, the aggressiveness by regulators in researching breaches and the expectations of highly developed responses, the report offers intelligence to help entities reduce their risk profile, build resilience, and be better prepared to respond when incidents occur.
While all incidents cannot be prevented, there are measures entities can take to minimize their attack surface and reduce the frequency and severity of incidents. Equally important, given the increase in attacks intended to disrupt operations, is a focus on building cyber resilience for an agile response. It can be hard to know where to begin, especially in an environment of constant change – but taking steps to proactively address these issues is what we call being Compromise Ready.
Our goal in publishing this Report is to offer practical steps you can take to reduce your risk profile, build resilience, and be better prepared to respond when an incident occurs. The data and experience behind the recommendations come from our work on more than 2,500 incidents in years past. Just as security teams use threat intelligence to prevent attacks, we hope you will use the Compromise Response Intelligence from this Report to prioritize and gain executive support for security spending, educate key stakeholders, fine-tune incident response plans, work more efficiently with forensic firms, assess and reduce risk, build scenarios for tabletop exercises, and determine cyber liability insurance needs.
We will post expanded thoughts on key sections from the report on this blog in coming weeks.