Incident Response Exercises Not Taken Seriously by Business Leaders


Only 2% of organizations have run incident response scenarios related to the pandemic response.





According to research by Immersive Labs of 402 organizations, nearly 40% are not fully confident in their teams' training to handle a data breach if one occurred, and 65% of exercises consist of reviewing PowerPoint slides.





In an email to Infosecurity, Heath Renfrow, director and vCISO at the Crypsis Group, said incident response is one of the pillars of a sound information security program, and it needs to be taken more seriously—not only among the organization’s information security team, but all the way to the CEO and board of directors.





“It is evident from the incident response cases we assist with daily that incident response is frequently viewed strictly as information security/IT’s responsibility, rather than from an overall business perspective,” he said. “This is unfortunate, because many across the business—from leadership to legal, communications and HR staff—have a potential role to play and can help influence better outcomes and the right cultural mindset to be better prepared for an incident.”





Renfrow said that to build stronger programs, incident response plans and playbooks should be developed and exercised at a broad company level — but that requires buy-in from the top leadership.





He recommended an approach, in order to achieve buy-in, to first run tableto ..
