Once upon a time, industry experts would caution students and conference attendees that with cyber-attacks, it was not a question of if, but when. That adage has now matured into a more modern version: There are only two types of companies — those that know they have been successfully compromised, and those that don’t know they have been successfully compromised.
But what then?
Because attackers will inevitably pierce the inherently vulnerable systems that most organizations rely on for virtually every aspect of their business, organizations have shifted much of their cybersecurity focus from prevention (still important, obviously) to keeping attacked systems resilient.
This is the focus of the incident response unit that GE’s Global Chief Information & Product Cyber Security Officer Nasrin Rezai and FIS Global’s Chief Risk Officer Greg Montana will teach as part of the graduate course for financial services executives at the Wharton School’s ABA Stonier program that begins next week.
“Preventive activities can lower the number of incidents, but not all incidents can be prevented. An incident response capability is therefore necessary for rapidly detecting incidents, minimizing loss and destruction, mitigating the weaknesses that were exploited, and restoring business services,” according to Montana.
The incident response unit, which is part of the Internet Security Alliance’s course offering in the Stonier program, will use examples of large-scale breaches such as Target, OPM, and Norsk Hydro to demonstrate lessons learned and evolving good practices. Rezai and Montana will then not only highlight why a response plan matters, but also offer a roadmap for a proper response program. That roadmap will be contextualized within the NIST Cybersecurity Framework and will provide the Wharton students with the questions they need to ask to assist their organizations and avoid the mistakes made by Target, OPM, and others.