Security Incidents, Events, And Breaches Essay

921 Words Oct 5th, 2016 4 Pages
Security incidents, events, and breaches have become not if, but when, scenarios for organizations of all sizes. Preparing for these security equivalents of hurricanes is absolutely critical for CISOs everywhere. Strategic preparation will be your storm shutters in the days that follow. Getting your Board of Directors to understand the necessity of planning ahead shouldn’t be an especially daunting task, but there are shifts in what and how you communicate with your Board at each stage of a security incident.
The Calm Before the Storm: Pre-Incident
Most organizations are fortunately in a pre-incident state, but Boards still seek confidence from the CISO that they are prepared for the eventuality of one unfolding. Providing your Board with details about your capabilities should focus less on what types of detection tools you have and more on what percentage of network visibility your security operations team has. If you have been implementing additional tools and increasing your team’s ability to identify incidents, you may even be identifying more incidents than before. Assure your Board that this is a good thing, because you are seeing what went previously undetected. Reporting on your time to triage and time to remediate is a stronger indicator than the misleading metric of decreasing numbers of incidents in the first place.

Both during Board meetings and out-of-cycle, Board members will often ask about recent newsworthy breaches and whether they could be replicated in…

Related Documents