26 Feb, 2024

Security Incidents Aren’t “IT Problems” 

Category: Education | Insight | Security Incident Handling
Black background with green text that reads "security incidents aren't IT problems"

Collectively, Evertas team members have worked on hundreds, if not thousands, of security incidents involving cyber, physical and reputation risk. We’ve learned that everyone gets hacked, and that the companies that emerge better from hacking incidents are the ones that anticipated the threat and planned ahead. Through fast and reliable detection and a competent, credible Incident Response (IR), they control how events play out. 

Everyone Gets Hacked. Are You Prepared?  

An important starting point for assessing your incident response readiness is evaluating how security incidents are characterized in your organization. Specifically: is it understood that information security incidents are not exclusively an IT problem? 

An information security incident (such as a hack, a data breach, or ransomware) affects the entire organization from customer support to employee morale, from public reputation and shareholder confidence to regulatory compliance. The most effective responses we’ve seen are not just “all-hands-on-deck,” for technical teams; they’re collective, cross-functional problem-solving.  

If your organization’s planned response to a security incident would be having your engineering team “fix the problem,” please know that their efforts can’t stop your customers from panicking or getting confused. IT won’t stop the media from swarming or the SEC or the European Council from investigating; and they certainly won’t stop anyone who lost something from suing.  

A thorough understanding of the organization-wide consequences of an incident is not only critical for technical remediation, but also for honest, transparent, and trust-building communication with all stakeholders.  

Core Incident Response Team: Assemble! 

Who comprises your organization’s Core Incident Response Team? This group should include key decision makers and tactical leaders from engineering, information technology, information security, legal, communications, change management, and executive leadership. If you haven’t already got a comprehensive Core Incident Response Team in place, this is an excellent place to begin the process of preparing for the inevitability of a security incident.  

Once in place, an important goal of IR preparedness is creating and strengthening relationships among this core group of people and fostering regular interactions outside of incidents. The coordinated response by the Core Incident Response Team is the key to success in handling incidents.  

If you aren’t sure how to identify the correct members for this team, or whether the people currently serving in this capacity are ready to act when needed, Evertas can help.  



Related Articles