November 27, 2021

The importance of having an anti-cyberattack protocol in a company

The implementation of an anti-cyberattack protocol within the company makes it possible to avoid or reduce the risk of being hacked. Indeed, this security system makes it possible to better control what is happening at the network level and to identify threats more quickly.

According to a study conducted by the Ponemon Institute and funded by IBM, the majority of companies do not have an anti-piracy protocol. One of the main reasons for this is a well-documented shortage of security skills. However, an anti-cyberattack protocol is of great importance to the entire company.

Anti-cyberattack protocol: lack of skills within the company

The 2019 study on cyber-resilient organizations is the fourth benchmark of cybersecurity from the supplier. Participants said they do not have sufficient manpower to maintain and test an anti-cyberattack protocol. In fact, they face 10 to 20 vacant positions in cybersecurity teams.

Only 30% of responders said they have security personnel competent to achieve a high level of cyber resilience. And 75% of those surveyed felt that their difficulty in recruiting and retaining qualified professionals was quite high.

These results indicate that the ability to respond to incidents is a significant challenge. In addition to the lack of qualified personnel, 48% of the companies surveyed stated that their organization deploys too many separate security tools. As a result, operational complexity increases and visibility of the overall security posture is reduced.

Automation plays a key role

In addition, the study discussed automation and its value for cyber resilience. Managers were asked to rate, on a scale of 1 to 10, the value of automation and cyber resilience to their security framework. 62 % considered the deployment of an anti-cyber attack protocol as Very important . Besides, 76 % stated that automation presents a great utility in business.

Only 23% indicated that they make heavy use of automation technology. These include identity management and authentication and corporate information management tools. 77 % stated that their organization only uses automation in ways moderate, limited or not at all. But first and foremost, businesses need to remember that they need a cyber response plan. If not, they do not have a solid foundation.

Developing a plan

In order to achieve the deployment of the anti-cyberattack protocol in a company, it is essential to constitute a transversal team. This team should include members of IT, but also HR. In fact, the threats to the company are multiple.

the marketing must be involved. You have to know that if there is a crisis communication plan in place, it will have to be executed. In addition, it is advisable to obtain the sponsorship of a leader. If this is a truly serious violation, an officer will need to be brought in to comment. “

This intervention plan will make it possible to ” minimize wasted time “. When an incident does occur, the likelihood of recovery is greater if the procedures and response time are documented.