CIR BC Strategies for People

Written by Moh Heng Goh | Nov 20, 2022 2:27:32 PM

This article discusses the various mitigation and recovery strategies for the people aspect of managing a cybersecurity incident. The strategies include:

  1. Employee Management
  2. Education
  3. Creating Awareness

1. People: Employee Management

An organization should not doubt its employees. However, while the employees may be well-trained, there is still the possibility of human error, so it is safer and more reliable to use technology as the last line of defence.

Software can be installed to monitor employees’ behaviour/actions and evaluate their underdeveloped security practices. Any suspicious/malicious activities can be picked up so the organization can contain the cyber security attack before the damage suffered is too great.

However, employees should not be the scapegoat (Nather, 2017) when cyber security attacks on the organization are successful.

For most organizations, continuity in providing quality products/services to customers is the top priority. Security is negligible or a small point of consideration for them. These organizations do not factor security into their daily operations, creating multiple attack vectors for cyber criminals to exploit.

This increases the importance of the following strategy.

2. People: Education

Educating employees is one of the best prevention strategies. Employees create and utilize data regularly; hence the responsibility of protecting and securing their data lies with the employees.

Firstly, the organization has to eliminate the misconception that the current security controls protect all infrastructures. Believing that the organization is well protected promotes reckless behaviour/actions from the employees.

Secondly, training sessions should be conducted for employees regularly. Training new employees ensures they are capable (Murray, 2017) of preventing and responding to cybersecurity incidents effectively. At the same time, the training sessions act as refresher courses for existing employees.

Lastly, the organization must spread awareness of cyber security incidents that threaten the organization. Through spreading awareness, employees learn the dos and don’ts of daily security activities. This can be combined with documentation of procedures that employees can execute in preventing, detecting, and responding to cybersecurity incidents.

3. People: Creating Awareness

The internet and mobile devices are used daily, and most organizations believe they are safe. However, cyber security attacks occur daily too; the attacks are simply not significant enough to be reported.

As the dependence on IT infrastructures and cyberspace increases, disruptions affect the public and organizations, which can be life-threatening in certain situations. Although dealing with cyber security threats is an important topic, it isn't easy to convey the message (de Bruijn & Janssen, 2017) to the audience.

There is a lack of detailed analysis on how cyber security, a complex societal problem, can be communicated in an understandable and difficult-to-challenge way through message framing.

Message framing is relevant because, concerning cyber security, it is difficult to pinpoint a victim and a criminal. Without a purpose for cyber security, the desired attention and sense of urgency are absent, leaving systems unprotected or simply delegating the protection duties to software. To convey the importance of cyber security, there are several techniques:

  • Collect evidence to support the message, making it more credible;
  • Avoid over-intensifying the topic of cyber security;
  • Identify criminals clearly;
  • Put the spotlight on the security controls that handle the criminals;
  • Personalize the message to match the interests of an audience; and
  • Link cyber security with relevant concepts such as the economy.

Component of Prevention/ Mitigation CIR BC Strategies

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 7 Developing Mitigation and Response Strategies 7.12 People

Note: This version was the draft 2nd Edition being updated in 2023. The numbers in the square brackets [X-X] cross-refer to the actual chapter and section in the 1st Edition.