How you respond to a security incident can determine whether the problem gets fanned into flame or extinguished. When companies plan their cybersecurity strategies, there’s often a lot of time spent talking about and testing various security solutions, backup and disaster recovery tools and security awareness training options. All these actions are vital components to building a strong security posture, but they’re not the first thing companies should be thinking about. One of the most important foundational activities organizations tend to put off until it’s too late (i.e., post-incident) is creating a plan that details how your company would handle a security incident. While it might sound a bit defeatist to create a plan that assumes the security tools and services you’re about to invest in to prevent a security incident are going to fail, it’s not the case. First, not every security incident is a worst-case scenario like the Colonial Pipeline attack that resulted in a $5 million ransom payment. Often, an incident is something much smaller, such as a failed attempt to breach your defenses. The second point is that a small security incident can become a serious threat if the incident response isn’t handled properly. More on this point below.
Brid Graham is the Senior Vice President of Presidio Europe & APAC. Brid is responsible for driving Presidio’s IT Services, Solutions Business and IT Procurement Business including the company’s Apple Practice. Her teams design and implement innovative solutions that support business transformation, enabling clients to scale in Europe, Middle East and Africa and Asia Pacific. Brid joined the company in 2001 as an Account Manager at Arkphire and has since then has held a variety of leadership roles