
Organizations use layered security to avoid falling victim to a cybersecurity incident. The three main elements of layered security are administrative, physical and technical controls. These defenses can include firewalls, access control lists, intrusion prevention and detection (IPS/IDS), segmentation and virtual local area networks (VLANs), endpoint security (EDR), controlled access, multi-factor authentication (MFA), and end-user education. Consider these overarching layers when deploying your security defense strategies: Network, Data, Critical assets, and Human.
Despite best efforts, cybersecurity incidents may still occur. Do you have a mechanism in place for reporting these incidents?
At the base level, there should be a process for a staff member to report suspicious activity. A ticketing system allows the user to communicate the suspicious activity for further follow-up and action. End users should be educated on the types of suspicious activity that could occur and on why prompt reporting is vital.
Other incident reporting may require disclosing the activity to stakeholders, vendors and other required reporting entities. Understanding the extent and nature of the incident will lead to the proper reporting procedures. This should all be included in your incident response plan.
Incident reporting is an important element of maintaining and fortifying an organization’s cybersecurity posture.
- Reporting leads to corrective actions and to the implementation of preventative actions.
- Various risks can be identified.
- Reporting and documenting these incidents will lead to continuous improvements.
- Accurate reporting can ensure regulatory compliance.
- The overall safety culture of the organization is improved.