PERSPECTIVES FROM THE CAMPUS

One of the strengths of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the colleges, universities, and other institutions of higher education throughout our state. Hence the name "Perspectives From the Campus Series”, we invite experts -- immersed in the pursuit of educating their students -- to offer their knowledge for finding solutions in cybersecurity that benefit all Hoosiers.

In the latest installment of this series, David Dungan, who serves as the Executive Director at the Center for Security Services and Cyber Defense at Anderson University, discusses the importance of the proactive role that cyber incident responders provide as it relates to keeping companies and organizations safe and secure when it comes to avoiding a cyber incident or falling prey to a cyberattack.  

By David Dungan

Cybersecurity is becoming more present in everyday life and business environments. Workers are dealing with new cybersecurity requirements every day - don’t click on links in your email, don’t use thumb drives, don’t breathe on the space bar, etc. But what happens when an employee makes that mistake? Accidentally clicking on a bad link, downloading a trojan virus - what steps does the organization take next? They call in the cyber incident responders.

Cyber incident response can be a difficult and high-stakes job. Cyber incident responders are in charge of making sure that the organization can be up and running, safely and securely, as soon as possible. Their job is to limit the impact of a cyber incident on an organization, often saving the company time, money, and resources. They do this through a number of steps before and after a cyberattack.

Before a cyberattack, companies and organizations are well advised to take several  precautionary measures, which can help hinder, or potentially stop, an event before it occurs in the first place. Among the steps you’ll want to initiate and follow include:

• Identifying network and device vulnerabilities specific to your organization’s operations.
• Prioritizing and instituting cybersecurity measures
• Consider monitoring your organization’s network traffic
• Developing policies and conducting training
• Developing a communications strategy

However, precautionary measures can’t always cover every situation; this is especially true when it comes to zero-day attacks. Once an event has occurred, incident responders often have to switch gears and dedicate time to:

• Tracking down the exploit via computer or firewall logs
• Fixing the exploit for all devices
• Returning devices back to operational capacity

So, how much money do incident response plans actually save? To measure this, IBM has their Cost of a Data Breach report, stating that companies that invested in cyber response were saving $1.7 million dollars per breach over companies that skipped it. Even if the incident has already happened, having proactive and reactive measures in place is vital for the company or organization to recover as smoothly as possible.

Of course, the precautionary measures that incident responders put in place are only as effective as the ability by everyone following through and implementing what’s been recommended. It comes down to doing the little things, or the basic steps we take every day, such as making sure you close your laptop whenever you get up, even if it’s just dropping off some paperwork next door.

And be sure, as always, to avoid opening any emails you find to be suspicious or clicking on any links that might be trying to take you – and your company’s critical data or its finances – to a scam from a would-be cybercriminal that could be from anywhere, even if that “anywhere” is halfway around the world.

In doing so, you’ll be better prepared and, for that, to borrow a line from the movie, “Ghostbusters” you’ll be able to answer the question of “Who you gonna call?” thanks to your cyber incident responders and the important role they play in keeping all of us cybersafe and secure!