Connect with us

Hi, what are you looking for?

HEADLINES

What to do before, during, and after a cyber attack

20160122 Symantec - Corporate Portraits  (397) croppedBy Yuh Woei Tan, Symantec Senior Director for Cyber Security Services

With around 33.6 million of internet users in the Philippines and a staggering 22 percent increase in internet penetration in the past year, the Philippines stands as a very attractive target for cybercriminals.

Based on the 2014-2015 Philippine Cybercrime Report published by the Department of Justice-Office of Cybercrime, intellectual property theft is deemed a major threat not only to consumers but to businesses as well. Records in 2012 showed a surge in intellectual property theft cases, 42% of which were targeted towards manufacturing sectors and small businesses. The report states that consumers and businesses remain susceptible to ransomware and mobile threats, particularly on the Android platforms.

Eventually, your organization will be targeted in a cyber-attack. While security incidents may be inevitable, the consequences of data breaches don’t have to be. Breaches are often the result of a lack of cyber security readiness, early detection, or timely response. So, what are the proactive measures that should be taken against breaches?

Before the cyber attack

Advertisement. Scroll to continue reading.

Take these steps to help your organization before an attack:

• Prepare early and often. Preparation is not just a document. As Symantec’s newly released white paper entitled “Anticipating the Breach” advocates, it’s a living program that needs to be built, tested, and refined—and then tested and refined again and again.

• Build an effective team. Make it a priority to continually develop and grow the security team by assessing their skills, identifying gaps, and training them in realistic scenarios. The security plan is nothing without a solid team behind it.

• Integrate global threat intelligence. Adversaries are constantly changing tactics. Organizations need to create a defined threat intelligence program that continually monitors global adversary trends and campaigns.

During the cyber attack

Advertisement. Scroll to continue reading.

Today, attackers are using sophisticated tactics to evade detection while infiltrating defenses—and many of these attacks go unnoticed for months or even years. Knowing how to react in the midst of an attack is critical.

• Detect and respond quickly. The faster an incident is detected and prioritized as critical, the faster resources can be allocated to respond.

• Apply threat intelligence. Armed with the right level of global threat intelligence, you can go on the offensive and proactively hunt for threat indicators within your own environment. Consider partnering with a security technology and intelligence partner who can help extend the technical and human resources capability of your own security team.

After the cyber attack

• Contain and remediate. Your response team must contain and remediate as fast as possible so an incident does not result in a breach.

Advertisement. Scroll to continue reading.

• Post-attack executive briefing. Have a final executive briefing to review lessons learned and assess your cybersecurity program.

• Training and testing. Incident response teams need constant training, development, and testing to build incident readiness “muscle memory”. Once that incident occurs, a trained and tested response team will be ready to take immediate action.

Overall, incorporate lessons learned from the attack to refine your security program and prepare your teams for future incidents.

 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Located in the Kaspersky office, the new facility will provide the company’s stakeholders with services ranging from an overview of Kaspersky’s practices, to a...

HEADLINES

Smart and Maya emphasize that they never send SMS with links requesting login credentials, personal information, or account verification. If you receive such a...

HEADLINES

In this new scheme, scammers call potential victims claiming that their phone number has been linked to illegal activities. The fraudsters would then extort...

White Papers

With an increase of 9% the industry is one of only three sectors with an increasing attack rate beside healthcare (+7%) and financial services...

HEADLINES

In August alone, PLDT and Smart’s Cyber Security Operations Group (CSOG) blocked access to more than 400,000 URLs that host child sexual abuse and...

White Papers

The survey reveals a crucial opportunity for mobile brands in the Philippines to stand out by prioritizing mobile app security and creating a better...

HEADLINES

Kaspersky’s solutions recorded Necro attacks targeting users in Russia, Brazil, Vietnam, Ecuador, and Mexico as part of this malicious campaign.

HEADLINES

Customers who received text scam and other phishing messages are encouraged to report these incidents to HULISCAM at https://smart.com.ph/huliscam. The portal will ask customers to...

Advertisement