Irisscon: Preparations can be made for a proper response to a crisis

Proper preparations can be made to minimise the crisis point around a data breach, according to Barclaycard's Neira Jones.

Speaking at the Irisscon event in Dublin, Neira Jones, head of payment security at Barclaycard, recommended creating an incident response plan that includes a specific web page.

She said that with more than 1.5 billion social network users, most people hear of breaches online, and that this should be a consideration when creating an incident response.

“There were more breaches in 2012 than all 2011, 31.6 per cent more than in 2011. That is 1,283 for 2012 so far,” Jones said.

“Eighty-four per cent of organisations were notified of a breach by external entities, and within that 84 per cent, the attackers had an average of six months in the environment. We see the figures but we don't learn. We can all agree that breaches have become a statistical certainty and information security is not about deploying controls and incident response is still very rare.”

Looking at the LinkedIn breach, Jones said that there was a slow response, with most awareness driven by retweets and social network conversation.

She said: “The new dimension is speed and it needs to be an increasing part of your planning, as news will spread with or without your involvement. You have to have a plan and a team and cater for that, you also need to create a web page to deal with your crisis situation.”

Jones highlighted three sets of 'A's when it comes to incident response. The first is acknowledgement, apology and action: finding out the basics, sharing them with your audience, and doing something.

She said: “With the three A's, it takes seven minutes for a crisis to be known worldwide. Although having a web page doesn't mean that people will listen or find you.”

She recommended the next set of A's: amplification, advocacy and adhesion, as you become a central hub for the crisis "so you can own it".

She said: “You cannot do it on your own. You need to use social avenues to direct people to your crisis web page and keep it updated as and when you know more. When there is anything newsworthy, information seekers will find it out, so give them information and seek out allies and partners and share information and trust your employees. They will be your advocates.”

Finally, to get the situation in your favour, Jones said that you should "answer, analyse and aggregate". Analysing involves monitoring real-time content, categorising it and preparing for content to be posted; answering involves making a statement and speaking publicly; and aggregating means putting everything in one place, on your web page.
