This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Irisscon: Preparations can be made for a proper response to a crisis

Share this article:

Proper preparations can be made to minimise the crisis point around a data breach, according to Barclaycard's Neira Jones.

Speaking at the Irisscon event in Dublin, Neira Jones, head of payment security at Barclaycard, recommended creating an incident response plan to include a specific web page.

Saying that with more than 1.5 billion social network users, most people hear of breaches online, and that should be a consideration when creating an incident response.

“There were more breaches in 2012 than all 2011, 31.6 per cent more than in 2011. That is 1,283 for 2012 so far,” Jones said.

“Eighty-four per cent of organisations were notified of a breach by external entities, and within that 84 per cent, the attackers had an average of six months in the environment. We see the figures but we don't learn. We can all agree that breaches have become a statistical certainty and information security is not about deploying controls and incident response is still very rare.”

Looking at the LinkedIn breach, Jones said that there was a slow response, with most awareness driven by retweets and social network conversation.

She said: “The new dimension is speed and it needs to be an increasing part of your planning, as news will spread with or without your involvement. You have to have a plan and a team and cater for that, you also need to create a web page to deal with your crisis situation.”

Jones highlighted three sets of 'A's' when it comes to incident response, the first being acknowledgement, apology and action in finding out the basics and sharing with your audience, and doing something.

She said: “With the three A's, it takes seven minutes for a crisis to be known worldwide. Although having a web page doesn't mean that people will listen or find you.”

She recommended the next set of A's: amplification, advocacy and adhesion, as you become a central hub for the crisis "so you can own it".

She said: “You cannot do it on your own. You need to use social avenues to direct people to your crisis web page and keep it updated as and when you know more. When there is anything newsworthy, information seekers will find it out, so give them information and seek out allies and partners and share information and trust your employees. They will be your advocates.”

Finally, to get the situation in your favour, Jones said that you should "answer, analyse and aggregate". Analysis involves monitoring real-time content and categorising and preparing for content to be posted, answer involves making a statement and speaking publicly and you should aggregate the information by putting everything in one place, on your web page.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

NCA/FBI/Europol launch global cyber crime-busters, J-CAT

NCA/FBI/Europol launch global cyber crime-busters, J-CAT

The UK's National Crime Agency (NCA) has joined forces with the FBI and Europol to launch a new global crime fighting team, led by the NCA's Andy Archibald.

NATO members to get cyber war protection

NATO members to get cyber war protection

Nato cyber defence policy to declare that a cyber attack on any one member country is an attack on them all.