The debate about whether companies will be breached is over. It was consigned to history at the same time as industry parlance quietly shifted from ‘100% protection’ to outlining the importance of layered defenses.
Yet companies are still regularly caught unprepared. Botched breach responses that strangulate brands and puncture company value are a cyclical business occurrence, with each one now costing on average $3.9m. Once hit, no number of defensive countermeasures will soften the blow; only effective response will help. In fact, according to one estimate, forming an incident response team will save $360,000 of the cost of a breach.
So how can you help your team to respond better? Preparing for cyber crises isn’t just about writing down which steps to take in specific incidents — it’s about instilling the right mindset to respond to all incidents. Arming your people with this will protect the organization in the long term.
We set out to ask a varied set of people, many from outside cybersecurity, how companies can instill this ethos. We talked to experts in organizational psychology, communications, education and even the military, as well as a senior security leader who has been through a high-profile breach. We immersed ourselves in understanding the human element, because that is what we do.
Meet the experts
With a background at a Big 4 Consulting firm and Brunswick, Miranda has run cross team crisis scenarios for some of the largest companies on the planet.
Paul works with the world’s leading organizations to design strategy, align leaders and engage and motivate their people in the shift to digital.
Lieutenant Colonel Brian Semple OBE served in the Royal Engineers from 1966 to 1996.
Alister is the Headteacher of a junior school in Brighton, UK, and has 13 years of education experience across three large publicly funded schools.
Senior Security Leader
Anon’ is a Senior Security Leader hit by a very high-profile breach at a top ten global brand.
27 August 2020
Staying cyber-safe in a remote working world
24 September 2020
Guest Blog: The Stress and Joy of Security Jobs
21 September 2020
Five steps every business should implement before ransomware strikes
17 September 2020
A sign we’re on the right Track
7 September 2020
The key element in your cybersecurity strategy isn’t process, tech or data – it’s people
7 September 2020
If your cyber training isn’t gamified, it isn’t right – here’s why
1 September 2020