The old tactics work just fine
The 2023 Data Breach Investigations Report released recently by Verizon makes for some interesting reading. The 89 page report uses data derived from the analysis of 16,312 security incidents, of which 5,199 were confirmed data breaches.
Some of the high-level findings covered in the report are –
Attackers have been applying three primary means to gain access to an organisation – the use of stolen credentials, phishing and the exploitation of vulnerabilities.
Human error, privilege misuse, the use of stolen credentials or social engineering were the cause of 74% of the breaches analysed. In 83% of the cases an external actor was involved and in nearly all of those cases (95%) their actions were financially motivated.
The report authors go on to say the findings are unfortunate but worse still do not even require attackers to evolve their tactics because the old ones still work just fine.
Click below to obtain a copy of the report.
Download The Report
Is your organisation prepared well enough to deal with an incident?
In recent years an increasing number of organisations have taken steps to try and improve their ability to deal with a cybersecurity incident. However, many organisations have not properly tested the effectiveness of their capabilities.
Conducting tests ensure that the designated roles and responsibilities of your response team are appropriate and well-defined plus team members can better understand and internalise the necessary actions they need to take during a security breach. Additionally, testing provides the team with real-world experience on how to handle triage and escalation processes effectively.
Furthermore, practice and testing help build the confidence of staff members, enabling them to handle high-pressure situations more competently when they arise.
Kaon Security offers a practical solution in the form of a tabletop exercise. This exercise brings together all key players, presents various breach scenarios, and encourages everyone to discuss their roles as outlined in the response plan. The value of this approach lies in swiftly identifying gaps in the plan's execution, raising pertinent questions that need addressing, and establishing an action items list for improvement.
The Incident Response Optimisation service provided by Kaon Security consists of two key phases -
- Evaluate your current Incident Response readiness level.
- Review your existing Incident Response information, plan, templates, and guidelines.
- Identify any gaps and areas of concern.
- Review and optimise current roles and responsibilities.
Prepare and Deliver Phase:
- Conduct a walkthrough of an Incident Response scenario using a sample playbook.
- Assist in formalising appropriate roles and responsibilities for incident handling.
- Present and discuss relevant supporting Incident Response documentation.
- Create a comprehensive library of tailor-made playbooks for common incident response scenarios, customised to match your organisational structure.
- Develop reporting templates, branded and customised to your organisation.
- Draft an incident response plan aligned with playbooks and reporting templates, ready for internal approval and dissemination.
By having a comprehensive Incident Response (IR) plan, complete with bespoke playbooks, your team will be better equipped to respond swiftly and effectively to real-life incidents.
Kaon Security's team of experts can assist your organisation in developing a new IR plan or updating existing components to enhance preparedness.
For those organisations seeking a more in-depth approach to testing their response plan beyond tabletop exercises, Kaon Security also provides additional assistance. Contact us today.
It's a hot topic! >