Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Risk Management & Resilience
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Building a strong incident response and management plan

1 April 2016 Conferences & Events, News & Events

By Kirsten Doyle

Security incidents are commonplace in businesses of all types and sizes. Whether through sophisticated malware, violation of security policies or employee carelessness, these threats can be catastrophic to the business.

"Given the digital landscape upon which most organisations are either currently operating on or considering as part of their future strategic imperatives, it is very important to consider incident response and management," says Ritasha Jethva, head of Information Privacy / PAIA officer at the Nedbank Group, who will be presenting on the importance of incident response capabilities in today's digital environment, at the ITWeb Security Summit 2016, to be held at Vodacom World from 16 to 20 May.

She says in the age of consumerism, consumers and employees have access to all sorts of social networking platforms which they can use to complain about companies they are dissatisfied with. "The supporter base grows at exponential speeds through these platforms and as companies, we need to understand how, when and what to do under these circumstances."

While consumers use the technology platforms for their own purposes, explains Jethva, cyber criminals utilise the platforms to expose confidential information in an unauthorised manner, either for financial gain or in order to demonstrate a point to the company they aggrieved about. "Unfortunately, this comes at the cost of both the company concerned as well as the individuals impacted and it is important that we think about different tactics when addressing incidents in a landscape where issues become viral in a matter of seconds."

Drawn out processes

Speaking about what businesses in SA are doing wrong when it comes to incident response and management, she says in her experience, companies are relying too much on long drawn-out incident response and management processes. "It's almost as if they spend too much time on the internal management of the incident and not enough time on responding to it.

"Sometimes, processes are not only lengthy and complicated, but hardly anyone understands how they work. Sometimes processes are not very collaborative across the organisation, and teams still operate in their silos, with pockets and escalations taking far too long, and sometimes the right audience is not involved at the right time."

Concurrently, she says some companies fail to recognise that incidents on digital platforms and landscapes gather media attention far faster than the move from step one to step two on their incident management process. "As a result, companies take too long to respond to the media, which results in further speculation, and at the same time, they take longer responding to queries around the incident from their consumers, partners and employees once it becomes public knowledge.

This degrades the levels of trust people have in the company and can affect the reputation of the organisation concerned. Traditional incident response and management processes were never built for today's types of incidents and hence they fail when the time comes to utilise it."

A different engagement model

In terms of what businesses could be doing better, Jethva says they need to be spending more time understanding who will respond to the incident at hand, and how they will do it. "The management processes need to give priority to both the management aspects and the response aspects. Roping in the public affairs representatives, senior officials of the company concerned, and the key specialist areas, such as IT, privacy, security, legal, risk and compliance, introduces a completely different dynamic within incident management."

She says it suggests a different engagement model, a different way of responding, opens up myriad varying communication channels to utilise, and suggests that all parties are required to be in sync at all times. "Preparing the various stakeholders through simulations and helping everyone understand their role in the process is critical and this is where I believe the emphasis should be placed going forward."

Delegates who attend Jethva's talk can expect some interesting perspectives on incident response and management. They will be left with pointers on what to consider when dealing with incidents in the digital landscape and what to watch out for. "It's a talk that is expected to broaden our horizons and thinking on this topic."

ITWeb Security Summit 2016

Hear opinion from Ritasha Jethva, Nedbank, on incident response and management at the ITWeb Security Summit 2016, 17 and 18 May. To view the full agenda, click here. To register, click here





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Risk management: There's an app for that
Editor's Choice News & Events Security Services & Risk Management
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Read more...
Integrated information platform for risk management
Editor's Choice News & Events Security Services & Risk Management
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Read more...
Unlocking Africa's AI potential
Editor's Choice News & Events AI & Data Analytics
Africa's AI market is set to grow exponentially; by investing in AI education, training, and ethical practices, African nations can harness the power of AI to transform the continent and create a brighter future for its people.

Read more...
Entries to southern Africa OSPA Awards now open
Technews Publishing Securex South Africa Editor's Choice News & Events
The southern Africa OSPAs are part of a global awards scheme that recognises and rewards teams, individuals and organisations for their commitment and outstanding performance within the security sector.

Read more...
Securex has moved to June
Technews Publishing Editor's Choice News & Events
Following the formal announcement of the date for South Africa’s national election, 29 May 2024 , which happened to be in the middle of the planned dates for Securex South Africa, Securex will now take place from 11 – 13 June 2024 at Gallagher Estate in Midrand.

Read more...
Africa Online Safety Platform launched in SA
Training & Education News & Events
Impact Amplifier, with the financial support of Google.org, launched its African Online Safety Platform (AOSP), a platform providing a rich repository of research, education content, funding opportunities and ways to seek help after an online crime.

Read more...
International access manufacturer sets up shop in SA
Technews Publishing Access Control & Identity Management News & Events Products & Solutions
The South African security market can always use some good news, and this year, STid has obliged by formally entering the South African market, setting up its main office in the Boomgate Experience Centre in Roodepoort, Johannesburg.

Read more...
Enhance the safety of lithium batteries
Power Management News & Events
One of the processes that can hamper the functioning of lithium batteries is an internal short circuit caused by direct contact between the cathode and anode, but a solution may be at hand.

Read more...
Beagle Watch adds fire to its portfolio
Editor's Choice Fire & Safety News & Events
Beagle Watch Armed Response and FIRE OPS SA announced the enhancement of the two companies' combined service offerings to provide professional fire safety services to Beagle Watch clients and Johannesburg residents.

Read more...
ASSA ABLOY acquires Amecor in South Africa
Amecor Editor's Choice Perimeter Security, Alarms & Intruder Detection News & Events
ASSA ABLOY has signed an agreement to acquire Amecor, a well-known South African manufacturer of security communication equipment in the South African security market and beyond.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.