5 Steps Retailers Should Take to Handle a Cyberattack
Enterprises can defend proactively against cyber attackers by actively investigating the environment for indicators of compromise (IOCs) and looking for suspicious behavior. It's important to stay current with the latest threat intelligence and available countermeasures, deploying them as appropriate in the context of your environment. This includes keeping all software up to date and ensuring that patches and bug fixes are applied in a timely manner.
5. Automate incident response. It can be a challenge initially to be proactive with cyber defense because you're investing resources in detecting attacks before they occur. However, this is where automated, continuous threat removal solutions can help by leveraging the skills and manpower of the IT department and multiplying their efforts. Automation eliminates the need to perform manual work that's necessary, yet time consuming and expensive — e.g., collecting endpoint data from a large number of hosts and searching for IOCs.
To begin to incorporate automation into your approach to incident response, consider the following:
- Select solutions that you and your team trust and that integrate with your existing security infrastructure.
- Evolve from manual methods to automation over time as your comfort level grows and the value is demonstrated. Begin with simple steps that leverage automation and then slowly incorporate more sophisticated methods.
- Monitor how automation is benefitting your bottom line — i.e., saving costs while enhancing security by freeing up skilled security staff.
The time and costs of mitigating and recovering from malware attacks is significant. According to a 2014 global report from the Ponemon Institute, it takes an organization an average of 31 days, at an average cost of $20,000 per day, to resolve a cyberattack, making the average cost of a single breach around $640,000.
Retailers can't avoid being the target of a data breach, but they can improve their response and mitigate the impact of attacks now and in the future by proactively preparing a response plan. Taking into consideration the outlined security strategy and automating security tactics will help strengthen any organization's cybersecurity plan by changing their defensive position to an offensive one.