Intelligent SME.tech Issue 23 | Page 41

intelligent

// FEATURE //

Bolster your business

WITH INCIDENT RESPONSE PLANNING

James Tamblin , BlueVoyant UK President , outlines the importance of businesses having an incident response plan in place to respond to cyberattacks quickly and efficiently . He highlights the steps organisations should take to develop a reliable incident response plan .
NSURING THAT BUSINESSES

E are properly prepared to react to a cyberattack , and to secure assets and data afterwards , is entirely dependent on the proactive steps businesses take in advance so they can respond to such an incident quickly and efficiently .

This is why businesses must have an incident response plan in place , detailing how they should respond to cyberattacks . This plan should have complete buy-in across not only the cybersecurity or IT divisions , but the entire company from marketing and sales to the CEO and Board , if applicable .
This is crucial in businesses of all sizes to ensure that everyone is reading from the same hymn sheet should the unthinkable happen . Knee-jerk reactions to a cyberattack , both internally and externally ( to customers , partners , stakeholders and the press ), can do far more damage than a carefully considered approach .
Evidence that organisations may have already suffered a cybersecurity incident
Businesses , dependent on their size and internal cybersecurity capabilities , should look – or engage their Managed Security Service Provider ( MSSP ) – to analyse whether they are suffering from any of the following lapses in security , which may indicate that a cyberattack is imminent or already in progress :
• Does the business have open , at-risk ports , such as remote desktop protocol ( RDP ), authentication and datastore ports ?
• Is there evidence of outbound traffic to known malicious infrastructure ?
• Is the business being targeted by known IPs that are associated with ransomware ?
How to secure your business in the event of an attack
If an organisation detects that the above anomalies are taking place , they should
Intelligent SME . tech
. tech
41