Implement Critical Event Management to Respond to a Cyber Attack

Where cybercrime is concerned, it’s not whether an organization will be attacked, it’s when.

Juniper Research reports that cybercrime costs globally will exceed $2.1 trillion by 2019. That is four times the cost of data breaches in 2015. By 2020, a single cybersecurity breach will cost more than $150 million.

How organizations respond to cyber-attacks and other emergencies can help mitigate any damage and make the recovery process more efficient.

Put Plans in Place for Emergency Response

A recent TechRepublic article highlighted OnSolve’s Critical Event Management (CEM) solution, which can help bring about an integrated response to emergencies such as cyber-attacks, severe weather, power outages and other incidents. To effectively manage an unpredictable situation, organizations need to be proactive and establish a CEM before an incident occurs.

As the TechRepublic article notes, critical events such as cyber-attacks can occur at any moment, but too many organizations are not prepared to manage such events. Generally, organizations’ IT departments steer preparation for cyberevents and have plans in place to limit damage and return to normal operations as quickly as possible.

However, research finds that most organizations take a more reactive, ad hoc approach toward applying incident management and response beyond IT. Response activities tend to be highly compartmentalized. Few organizations have programs in place that effectively marshal resources necessary to address critical incidents.

Strengthen Decisions with CEM

CEM provides a true advantage. It beefs up organizations’ emergency preparedness by taking a broader view of potential risks. It addresses decisions that affect an entire company, so critical decisions are not based entirely on an IT department’s perspective. Instead, they’re based on how information resources, employees or other key stakeholders may be at risk.

CEM helps organizations rapidly form and communicate unified responses to any emergency situation, including cyber-attacks and major IT outages. Within CEM, employees from all departments help make decisions, which reduces the possibility of missing or misjudging critical pieces of information. As a result, an organizational emergency response plan is more thorough and more effective.

CEM provides an architecture that organizations can work within to effectively prepare for and navigate an emergency incident. The framework includes the following activities:

  • Assess: What actually happened and what is the impact? This includes gathering threat data and contextual information needed to assess the magnitude of a risk from a range of sources.
  • Locate: This includes identifying employees and visitors who could be in harm’s way, employees needed to resolve the particular event and key stakeholders the event affected.
  • Act: When should the response be started?
  • Analyze: Review the effectiveness of the incident response. In particular, ask if resources were missing and which tasks took too long.
  • Visualize and orchestrate: These important components will help build a complete picture of the security event from multiple viewpoints.
  • Communicate and collaborate: Keep employees and key stakeholders informed about what is happening and what they need to do.

A CEM also includes software components designed to ensure high availability of an organization’s resources.

Common CEM Use Cases

CEM helps organizations target communication to stay operationally sound in case of an emergency. It applies to these aspects of emergency response and others:

  • Incident management: CEM offers dynamic incident response capability, with a high degree of automation that draws on multiple integrated systems, workflows and communications.
  • IT alerting: An automated response process can involve not only IT operations, network operations and the security team, but also DevOps and storage.
  • Safety: By combining the ability to track dynamic employee locations with a mass notification system, businesses can contact employees on their device of choice and provide information to help ensure their safety during location-based emergencies.
  • Supply chain: CEM systems can integrate weather, threat and sensor data feeds to help organizations understand risks to their supply chain routes and assets, and to know when to reroute shipments to assure supply.

How Can You Benefit from a CEM?

Keep your organization sound during and after a cyber-attack or any other emergency by expanding your preparation. Do not be one of the organizations that simply was not prepared. Contact OnSolve today to learn more about how CEM can benefit your organization.

Article Cover

Ten Common Pitfalls to Avoid in Crisis Communication

Crisis situations and many other unexpected events are chaotic by nature. When you’re in charge of sharing critical information with your stakeholders, this chaos can be greater than needed if you and your team aren’t prepared with a well-defined communication plan.

Download The Article