Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Building a strong incident response and management plan

1 April 2016 Conferences & Events, News & Events

By Kirsten Doyle

Security incidents are commonplace in businesses of all types and sizes. Whether through sophisticated malware, violation of security policies or employee carelessness, these threats can be catastrophic to the business.

"Given the digital landscape upon which most organisations are either currently operating on or considering as part of their future strategic imperatives, it is very important to consider incident response and management," says Ritasha Jethva, head of Information Privacy / PAIA officer at the Nedbank Group, who will be presenting on the importance of incident response capabilities in today's digital environment, at the ITWeb Security Summit 2016, to be held at Vodacom World from 16 to 20 May.

She says in the age of consumerism, consumers and employees have access to all sorts of social networking platforms which they can use to complain about companies they are dissatisfied with. "The supporter base grows at exponential speeds through these platforms and as companies, we need to understand how, when and what to do under these circumstances."

While consumers use the technology platforms for their own purposes, explains Jethva, cyber criminals utilise the platforms to expose confidential information in an unauthorised manner, either for financial gain or in order to demonstrate a point to the company they aggrieved about. "Unfortunately, this comes at the cost of both the company concerned as well as the individuals impacted and it is important that we think about different tactics when addressing incidents in a landscape where issues become viral in a matter of seconds."

Drawn out processes

Speaking about what businesses in SA are doing wrong when it comes to incident response and management, she says in her experience, companies are relying too much on long drawn-out incident response and management processes. "It's almost as if they spend too much time on the internal management of the incident and not enough time on responding to it.

"Sometimes, processes are not only lengthy and complicated, but hardly anyone understands how they work. Sometimes processes are not very collaborative across the organisation, and teams still operate in their silos, with pockets and escalations taking far too long, and sometimes the right audience is not involved at the right time."

Concurrently, she says some companies fail to recognise that incidents on digital platforms and landscapes gather media attention far faster than the move from step one to step two on their incident management process. "As a result, companies take too long to respond to the media, which results in further speculation, and at the same time, they take longer responding to queries around the incident from their consumers, partners and employees once it becomes public knowledge.

This degrades the levels of trust people have in the company and can affect the reputation of the organisation concerned. Traditional incident response and management processes were never built for today's types of incidents and hence they fail when the time comes to utilise it."

A different engagement model

In terms of what businesses could be doing better, Jethva says they need to be spending more time understanding who will respond to the incident at hand, and how they will do it. "The management processes need to give priority to both the management aspects and the response aspects. Roping in the public affairs representatives, senior officials of the company concerned, and the key specialist areas, such as IT, privacy, security, legal, risk and compliance, introduces a completely different dynamic within incident management."

She says it suggests a different engagement model, a different way of responding, opens up myriad varying communication channels to utilise, and suggests that all parties are required to be in sync at all times. "Preparing the various stakeholders through simulations and helping everyone understand their role in the process is critical and this is where I believe the emphasis should be placed going forward."

Delegates who attend Jethva's talk can expect some interesting perspectives on incident response and management. They will be left with pointers on what to consider when dealing with incidents in the digital landscape and what to watch out for. "It's a talk that is expected to broaden our horizons and thinking on this topic."

ITWeb Security Summit 2016

Hear opinion from Ritasha Jethva, Nedbank, on incident response and management at the ITWeb Security Summit 2016, 17 and 18 May. To view the full agenda, click here. To register, click here





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Global Threat Intelligence Report for October 2025
Information Security News & Events
Africa was pipped to the post as the most attacked region by Latin America, which averaged 2966 attacks per organisation per week (+16% YoY). Africa followed with (2782, – 15%) and APAC (2703, – 8%).

Read more...
Workflow and asset management solutions
Asset Management News & Events
Zamatrack’s innovative workflow and asset management solutions feature the Worxit platform. This all-in-one solution allows businesses to streamline operations with real-time tracking, GPS data, and custom reports.

Read more...
SAQCC Gas awareness
Associations News & Events
SAQCC Gas will raise awareness within the gas industry by emphasising the importance of using registered gas practitioners and getting a Certificate of Compliance (CoC) for all your gas systems.

Read more...
Fire safety in focus
Securex South Africa Fire & Safety News & Events
Firexpo Cape Town visitors will not only compare technologies side-by-side, but also connect with suppliers and experts who understand both the region’s regulatory framework and its unique environmental risks.

Read more...
Sophos launches advisory services to deliver proactive cybersecurity resilience
Information Security News & Events
Sophos has launched a suite of penetration testing and application security services, designed to identify gaps in organisations’ security programs, which is informed by Sophos X-Ops Threat Intelligence and delivered by world-class experts.

Read more...
Kaspersky highlights biometric and signature risks
Information Security News & Events
AI has elevated phishing into a highly personalised threat. Large language models enable attackers to craft convincing emails, messages and websites that mimic legitimate sources, eliminating grammatical errors that once exposed scams.

Read more...
Keenfinity launches Radionix as new intrusion brand
Perimeter Security, Alarms & Intruder Detection News & Events
Keenfinity Group’s Intrusion & Access Business Unit has launched Radionix as its new brand for intrusion alarm systems, unlocking new potential and growth opportunities.

Read more...
ProtecLink 2025 spotlights industry tensions and transformation
Magtouch Electronics t/a Ithegi Electronics Security Services & Risk Management News & Events
ProtecLink 2025, created and hosted by Ithegi Electronics, brought together key stakeholders from the security, finance, and innovation sectors under the theme "Connecting Security, Finance, and Innovation: Inspiring Transformation in the Industry."

Read more...
SafeQuip issues certification update notice
SafeQuip Fire & Safety News & Events
SafeQuip has confirmed that the Lith-Ex range of fire extinguishers is the only certified lithium-ion battery fire extinguisher range in South Africa.

Read more...
Paxton enhances installer loyalty programme
Paxton Access Control & Identity Management News & Events
Paxton has made it easier for security installers to benefit from its popular loyalty programme, Paxton Rewards, with points now added automatically when purchasing through approved distribution partners.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.