Due to the rapidly increasing threat of cyber-attacks and intrusion, Domain has created a dedicated Cyber Security section to its portfolio of IT Assessments. Cyber security is an integral part of Domain’s IT Assessments. The assessment is the first of four stages in Domain’s cyber security process. The four stages are assessment, prevention, monitoring, and response. The stages can be conducted together (consecutively) or a la carte.
Using network analysis tools, we measure your network’s current state of security and identify system vulnerabilities. We analyze your network from inside of your firewall and from outside of your firewall. A detailed report of your firm’s current security level is generated and reviewed with your management team.
Based on the information from the analysis above, we work with your team to “lock down” your network. This may be as simple as closing unnecessary network ports which are openings to the outside world, to more complex tasks such as implementing new and more advanced firewalls and perhaps encrypting your data.
Hackers are persistent and are constantly changing their tactics. Due to the dynamic tendency of cybercrime, cyber security must be a constant, ongoing battle.
We implement sophisticated software to monitor your network traffic and notify us when suspicious activity is detected. If suspicious activity is detected, an alert is issued and we take immediate measures to protect your business against any threats.
Response (Investigation and Recovery)
Domain implements tools that isolate changes to your network so that we determine which changes were intended and which, if any, were malicious. This software not only helps us monitor your network, but also assists us to perform forensic analyses to determine what if any information was modified, deleted or stolen.
Based upon our findings, you may be required to notify government agencies about the breach and you may be required to notify your customers, especially if personal information is involved. Domain can use the above-mentioned tools to provide you with the needed information.
Recovery is also part of the Response phase. During this phase, Domain will help your organization get back on its feet by recovery information where possible and providing advice where necessary.
The main concern associated with cyber security is not IF your system will be pierced- but WHEN. Organizations must have a cyber-intrusion response plan created before this incident occurs, in order to protect the organization from negative implications.
The plan should include:
- Determining where the intrusion occurred (or what was “hacked”). This requires implanting a change tracking software in advance of any attack.
- Determining what information was stolen or tampered with.
- Determining how to close the system vulnerability (the “hole”).
- Determining how to clean all remnants of the hack from the system.
- Immediately notifying everyone whose information was stolen or suspected of being stolen.
- Providing credit monitoring, management, and restoring assistance to the accounts stolen.
- Implementing a public relations campaign to protect and restore brand image.
- Using and executing cyber insurance.
As you can see, cyber security planning no longer entails just protecting the system from hacking, but also includes accepting ahead of time that the system may be hacked and putting a strong response plan in place that will help the organization recover successfully from the cyber-attack in a minimal amount of time.
Cyber Defense and Cyber Attack Response Planning – Boardroom Oversight
A detailed security and response plan should be written by IT management and approved at board level. The reason for activity at the board level is the dramatic increase of the chance of hacker intrusion. The preventative plan will define defense mechanisms in place, as well as mechanisms to determine if an intrusion has taken place and which information was compromised, if any.
If attacks are not appropriately anticipated and planned for, the damage of a cyber-attack will not only occur within the company, but will also injure the organization’s reputation.
Due to the severity and nature of the threats presented by cyber intrusion, cyber security planning and response plans require board of director level involvement and oversight.
Click here to learn why cyber security is a board, owner, and chief executive level issue.