Industry expert and former CISO Ondrej Krehel explained that there are two key questions relating to data breaches that drive CISOs up the wall: Who discovers the breach and how will the company respond?
Whenever the topic of cybersecurity crops up, the issue of data breaches is sure to follow. These are the most obvious and, in many ways, most damaging consequences of a cybersecurity failure, and the media has been paying much more attention to these incidents in recent years than ever before.
It’s no surprise, then, that the fear of a data breach can cause a huge headache for companies’ CISOs. Speaking to Forbes, industry expert and former CISO Ondrej Krehel explained that there are two key questions relating to data breaches that drive CISOs up the wall: Who discovers the breach and how will the company respond?
“The vast majority of businesses do not detect their own data breaches themselves.”
Discovery
To those outside the cybersecurity industry, the issue of who discovers the breach may seem relatively inconsequential. However, as Krehel told the news source, the vast majority of businesses do not detect their own data breaches themselves. Instead, it is usually outside firms that discover and report the breach initially. Just as importantly, when breaches are discovered internally, chaos may be the result. Krehel noted that departments may lack effective communication, leaving some important personnel in the dark. Even worse, the responsible department may try to cover up its mistake.
All of this can cause major problems for the CISO, the news source explained. In each case, the CISO will often feel like he or she lacks sufficient clarity or understanding, making it far more difficult to assess and react to the data breach.
Recovery
The other reason that data breaches are so distressing for CISOs, Krehel explained, is that companies often respond ineffectively, or even detrimentally, once the data breach becomes known. He noted that while the majority of organizations have fairly high-quality cybersecurity defenses in place, they tend to be much less prepared to respond to data breaches once they occur. Critically, these failures often concern not technology, but rather employee knowledge and skills.
“People are trained on what to do when a network goes down, but they aren’t trained on what to do if a network is breached,” Krehel said, according to Forbes.
As a result of this lack of expertise, personnel may inadvertently make a bad situation worse by panicking in their efforts to contain and bounce back from a breach.
This speaks to one of the most important steps that CISOs can take to reduce the stress caused by the threat of data breaches: advocating for security awareness training throughout the organization. By participating in effective educational programs, workers can discover both how to better identify a potential data breach and how best to respond in the event of such a security failure. This is not the sort of information or insight that employees will gather on their own volition – the company needs to offer this training to prepare its staff members for such incidents.
Prevention
Going further, Krehel’s points highlight the need for broader cybersecurity training among company work forces. The fact of the matter is that despite the growing prominence of data breaches in the news and other media, many employees remain ignorant of how their own actions can lead directly to such cybersecurity failures. As countless incidents, such as the recent breach at Rogers Communications, have demonstrated, employee behavior can have a huge impact on a company’s overall cybersecurity posture. From failing to use strong passwords to clicking on suspicious links, it is very easy for personnel to inadvertently sabotage their companies’ defenses.
By attending robust, periodic information security awareness training, though, employees will learn how to avoid these preventable errors. That should help every CISO to sleep better at night.