Global investigations firm Kroll Advisory Solutions released its 2013 Cyber Security Forecast, highlighting the most unexpected cyber issues organizations will confront in the year ahead and best practices for addressing them.
Kroll offers four unexpected cyber forces to be reckoned with in 2013 and recommendations for addressing them:
Vampire Data: Get Bitten by the Data They Never Knew They Had
What organizations can do now to prepare: Take a data inventory, classify it by confidentiality or sensitivity level, and handle it accordingly. Only allow users to access the data they need and provide employees with regular data handling training to avoid unnecessary data propagation or transmission. Investigating a breach of vampire data can put significant strain on internal resources, so it is a good idea to engage an outside consultant to help you determine what was lost.
Forgotten Forensics: Organizations Gain New Appreciation for Data Forensics in the Wake of a Breach
What organizations can do now to prepare: Turn on your logs and make sure they are retained long enough to be useful. But it’s also helpful to perform a security assessment and train key employees in the basics of immediate breach response. Those employees who are most likely to be first responders in a breach should know how to respond without wiping out vital evidence needed to understand the incident, or if applicable, meet the requirements set by the cyber insurance policy carrier.
Hackers Out for the Kill: Hackers Aren’t Out to Steal Your Data, They’re Out to Destroy Your Company
What organizations can do now to prepare: While this seems like a problem strictly for large enterprises, players are already beginning to develop and deploy these tactics on organizations of all sizes and in all industries. These groups may be looking for profit, perhaps holding your data for ransom, but the end result is still the same, and the stakes are high. Make sure you have a backup plan. Don’t assume that because you have backup tapes you have a plan for restoration. If you are outsourcing IT functions, make sure your third parties understand their role in getting you back up and running – and you’ll want to test their ability to do so.
The Gift of Gab: The Luxury of Nondisclosure Is a Thing of the Past
What organizations can do now to prepare: It is becoming increasingly important to contract with outside resources – an investigation and forensics partner, a privacy law firm, and/or a breach notification partner. When a security incident occurs, having providers in place to assist with the investigation, advise on current legal requirements, and prepare a response should it experience a breach of PII will save time and expense for the affected organization.
About Kroll Advisory Solutions: Kroll Advisory Solutions, the global leader in risk mitigation and response, delivers a wide range of solutions that span investigations, due diligence, compliance, cyber security and physical security. Clients partner with Kroll Advisory Solutions for the highest-value intelligence and insight to drive the most confident decisions about protecting their companies, assets and people.
Kroll Advisory Solutions is recognized for its expertise, with 40 years of experience meeting the demands of dynamic businesses and their environments around the world. Headquartered in New York with offices in 29 cities across 17 countries, Kroll Advisory Solutions has a multidisciplinary team of 700 employees. For more information, visit: www.krolladvisorysolutions.com.
Source: Kroll Advisory Solutions.com