A free online guide to help SMEs cope with the threats and realities of cyber attacks is now available to download from IT threat intelligence product company AlienVault.
Cyber attacks are a growing concern for any internet-connected business, but can be particularly worrying for smaller firms the IT firm says, many of whom lack the resources and expertise needed to mitigate them. According to a recent report by the audit firm PWC, a hack or breach can cost smaller firms between £65,000 and £115,000 per breach, with the worst affected organizations suffering up to six breaches a year.
The ‘Insider’s Guide to Incident Response’ contains tips to help smaller firms deal with cyber threats. Incident Response is a methodology for dealing with cyber attacks – a sort of fire drill for IT teams, it’s suggested, where processes are put in place for responding before an actual attack takes place.
Javvad Malik, security advocate for AlienVault, says: “It’s not a matter of if companies get hacked, but when. Eventually, most organizations will suffer one. Getting breached doesn’t determine whether or not you have a good security program in place – but how you respond to one does.
“Once you accept that everything that can go wrong is likely to do so at the worst possible time, there are things that can be done today in order to help you in your hour of need. For instance, having good relationships with people responsible for legal and PR issues within your company will save time when you need those channels of communication to be open.”
The guide outlines the six key phases of an incident response plan: preparation, identification, containment, eradication, recovery and lessons learnt. It describes the different types of security incidents and the relevant response strategies, as well as explains how attacks typically progress by demonstrating the different stages of the ‘cyber kill chain’.
The guide also covers how IT teams can leverage free online tools to help them to defend against threats. For example, it discusses how to use publicly available data on known sources of malicious activity, known as global threat intelligence, and incorporate it into local defense systems. Download for free, via this link: https://www.alienvault.com/resource-center/ebook/insider-guide-to-incident-response.
