The information security team may have security in their name, but that doesn’t mean they own it. Security requires the active participation of everyone in the company, from management to facilities staff, in order to prevent and respond to incidents.
Preventing Security Incidents
Everybody has a role in preventing a security incident:
Management: Management sets the standard of behavior for everyone else in the business. If managers are seen treating security casually, no one else will take it seriously, either. This means managers, including senior executives, need to participate in the security training that’s mandated for everyone else; they need to demonstrate safe computing practices, like not writing down passwords or sharing them with their admins; and they need to treat compliance audits as beneficial, rather than a necessary evil.
Finance: The financial team needs to understand the value of spending on security and authorize the appropriate expenses. In addition, the financial team needs to understand the sensitivity of the data they work with and take steps to avoid falling for targeted spearphishing attacks that seek to steal account numbers or trigger funds transfers inappropriately.
Human resources: The HR team, through its training programs, is responsible for ensuring everyone receives the necessary information security training. In addition, the HR team has the responsibility for ensuring the hiring process employs appropriate background checks and for handling disgruntled employees in a way that minimizes insider risks.
Facilities: Physical security of your premises is an important component of information security.
Information security: Of course, the information security team has a major role in preventing breaches through developing security strategies and implementing tools to protect valuable corporate data.
Everyone else: All employees are responsible for using safe computing practices, including creating strong passwords and not sharing them. Employees are responsible for paying attention to the mandated information security training and taking those lessons back to their workspaces.
Responding to Security Incidents
If you unfortunately experience a security breach, you need a solid incident response plan. Multiple teams will have roles in the response, including:
Management: Management is responsible for ensuring that the incident response plan is executed, as well as overseeing related activities.
Marketing and communications: One of the biggest challenges in responding to a breach is communicating the event and how you are responding to it. In addition, your teams may need to ramp up marketing to mitigate reputation damage and minimize lost business.
Legal and compliance: A data breach isn’t just an internal matter; depending on your industry and location, you may have to satisfy legal and regulatory mandates regarding notifications, compensation, and other breach-related events. Your legal and compliance teams will make sure you follow the letter of the law on these actions.
Information security: Your technology team needs to complete several different activities. First, they need to identify the impact of the breach and determine the extent of the data loss. Second, they need to discover the root cause that allowed the breach to occur, and implement a strategy to prevent that type of attack from recurring. In addition, they should conduct a thorough review to identify other vulnerabilities and take steps to reduce the risk you’ll be victimized through a different form of attack.
Learn more about creating a disaster recovery plan.