Phishing attacks, insider threats, denial of service disruptions, malware and ransomware — cybersecurity incidents like these happen on a daily basis. For most of these incidents, the onsite IT team will remediate based on a pre-developed plan and process. And for many of these incidents, that’s a solid approach.
But those incident response plans and strategies are IT oriented and geared toward short-term fixes and single incident responses. Meaning, if an incident accelerates beyond a handful of infected laptops or a compromised server and begins to affect operations of all or even part of the organization, business itself can be disrupted — or even shut down entirely.
When a Security Incident Becomes a Company-Wide Crisis
The aftershocks of an incident-turned-crisis can be profound. In 2013-2014, a global internet services provider (which was in the process of being sold to a new parent company) fell victim to just such an attack. The credentials of three billion user accounts were exposed, along with the personally identifiable information (PII) of 5 million customers. But one of the more striking fallouts of the crisis — along with tainted reputation and diminished brand value — was a reduction of roughly $350M to the final sales price of the company.
And therein lies the difference between a cybersecurity incident — one handled solely and efficiently by IT — and a cybersecurity crisis, which affects multiple organizations within a company (or the entirety of the company itself). Seldom do executives find themselves in a situation where they must explain an individual cybersecurity incident and its response to the board of directors and shareholders. But in a crisis when the aftershocks are profound — such as a $350M reduction in sales price — executives can be assured they will likely be tapped t ..
Support the originator by clicking the read the rest link below.
