Security Think Tank: Monitoring and response capabilities key to mitigating cyber attack

To what extent should businesses worry about malware and what steps should they take to mitigate such attacks?

It is Isaca’s view that businesses of all shapes and sizes should regularly and consistently perform threat and vulnerability analyses of their critical business processes, core and sensitive data assets, and associated information infrastructure to help them evaluate and manage risks associated with them.  

Destructive attacks tend to be more obvious and serve to promote a position of the attacking party rather than attempt to gain access to or exploit data. 

This does not make them any less dangerous –and given recent events, their likelihood of occurrence should be considered fairly reasonable.  

To counteract these attacks, organisations should have consistent, mature and regularly exercised security monitoring capabilities and incident response plans that use the input from the threat and vulnerability analysis to identify attack behaviour as early as possible, and then effectively respond to them if they are successful.

Early warning and effective preparation can help to minimise the impact of attacks.  

Read more on this topic from the Computer Weekly Security Think Tank

From a business continuity perspective, organisations should also consider options of replicating key data assets and capabilities on systems that are not mirrors of each other and, in fact, operate on completely different operating systems, applications, networks, and storage solutions. 

This will reduce the ability for the attack to affect all of an organisation’s data and computing assets with the same attack methods and capabilities. 

John Pironti is a risk advisor at Isaca and president of IP Architects


Read more on Hackers and cybercrime prevention