How you respond to a security incident can determine whether the problem gets fanned into flame or extinguished. When companies plan their cybersecurity strategies, there’s often a lot of time spent talking about and testing various security solutions, backup and disaster recovery tools and security awareness training options. All these actions are vital components to building a strong security posture, but they’re not the first thing companies should be thinking about. One of the most important foundational activities organizations tend to put off until it’s too late (i.e., post-incident) is creating a plan that details how your company would handle a security incident. While it might sound a bit defeatist to create a plan that assumes the security tools and services you’re about to invest in to prevent a security incident are going to fail, it’s not the case. First, not every security incident is a worst-case scenario like the Colonial Pipeline attack that resulted in a $5 million ransom payment. Often, an incident is something much smaller, such as a failed attempt to breach your defenses. The second point is that a small security incident can become a serious threat if the incident response isn’t handled properly. More on this point below.
David Hart, President and Chief Operating Officer of Presidio is responsible for sales and technology strategy and execution, emerging businesses development, alliances and sourcing, internal IT and our leasing arm – Presidio Technology Capital. He has served on the advisory boards of several world class technology innovators such as Cisco, Dell Technologies, Palo Alto Networks and Intel. Prior to his current role, Dave served as Chief Technology Officer. He joined Presidio in 2005 when the company acquired Networked Information Systems (NIS), a high growth IT systems integrator, where he led engineering, professional and managed services from its founding in 2000. Prior to NIS, Dave was Vice President of Engineering at Aztec Technology Partners (Nasdaq: AZTC) and at its predecessor, Bay State Computer Group. He holds a BS in Industrial Technology and a MS in Manufacturing Engineering from the University of Massachusetts Lowell.