Take Control of your Organization’s Security with an Incident Response Plan
You’re PCI DSS compliant. Your ERP system is PA-DSS certified. You implemented appropriate security checks in your checkout process. So you have nothing to worry about when it comes to security, right? Maybe…
According to the 2014 Trustwave Global Security Report, 96% of the applications scanned by Trustwave had at least one serious security vulnerability. The Report also revealed that 71% of the victims did not detect the breach themselves, although doing so would have shortened the containment time from two weeks to 1 day.
An Incident Response Plan might have helped those victims detect those breaches themselves. As explained in Trustwave's report, an Incident Response Plan is necessary to detect and deter threats. The report provides advice for an Incident Response Plan, as well as responses to indicators of compromise. It outlines these five steps for an Incident Response Plan:
- Train your staff on the best security practices.
- Enforce passphrases or strong passwords (a minimum of seven characters and a combination of upper- and lowercase letters, symbols, and numbers). The report revealed that 31% of compromises were caused by weak passwords. Also use two-factor authentication when accessing the network.
- Secure your data. Test and scan to identify and fix flaws early.
- Use penetration testing on your system to identify vulnerabilities and understand how your data can be attacked.
- Plan your response to a breach and practice the Plan.
The Report also revealed that 85% of the exploits detected targeted third-party plug-ins. It also contains statistics about locations and targeted industries, vulnerable types of applications, top vulnerabilities and severities, methods of intrusion and delivery, regulations, and much more.
Trustwave’s 123-page report is impressive and eye-opening. Knowing your enemy and what they’re planning is critical for defending yourself appropriately. Read the report for a great introduction to understanding security threats, and advice for detecting and responding to them.