lundi 27 octobre 2014

HP launches free executive tools to reduce the impact of security incidents

Executive meeting


More than 70 percent of executives think their organization only partly understands the risks it could be exposed to as a result of a data breach. This is among the results of a study from technology giant HP into the importance of executive involvement in breach responses.


In addition less than half of board-level executives are kept informed about the breach response process and only 45 percent believe they are accountable for the incident response process.


Some 79 percent of respondents say executive level involvement is necessary to achieving a successful data breach response, while 70 percent believe board level oversight is also crucial. However, only 45 percent of executives believe that their own enterprise's incident response process is either proactive or mature.


In terms of what constitutes a serious incident, 57 percent of respondents say the lost or theft of more than 10,000 records containing confidential or sensitive information constitutes a significant data breach. In cost terms, a data breach that averages approximately $2 million is considered significant.


"Without a well thought out plan in place, and without the proper guidance, training and process instituted throughout the organization, executives can stumble when dealing with the public outcry once sensitive data has been compromised", says Arthur Wong, senior vice president and general manager, Enterprise Security Services at HP. "No amount of spend can completely protect organizations from highly sophisticated cyber attacks, but how prepared an organization is in the event of a breach can mean the difference between a speed bump in the road or a catastrophic business event".


To help executives prepare for handling data breaches HP has made some free online resources available as part of an Executive Breach Response program. These include a study exploring how 300 global organizations plan and use best practices to prepare for cyber security incidents.


There's also a breach response assessment which contains a series of questions to compare an organization's answers to those of its industry peers. Using the tool, an individual can assess an organization’s ability to respond to a data breach and identify areas of strength and weakness when it comes to preparing for a breach.


A breach response playbook offers scenarios, best practices, and benefits in planning that will help organizations be prepared in the event of a data breach. Finally there are a series of webinars to help executives draft and implement breach preparedness plans.


The full report and details of the Executive Breach Response program are available on HP's website.


Image Credit: Pressmaster / Shutterstock






Aucun commentaire:

Enregistrer un commentaire