GEC NEWS WIREFocus moving from Blocking and Detecting Attacks, to Detecting and Responding to Attacks
Although the frequency of a cybersecurity attack on a large scale is low, by 2018, 40 percent of large enterprises will have formal plans to address aggressive cybersecurity business disruption attacks, up from zero percent in 2015, according to Gartner. Business disruption attacks require new priority from chief information security officers (CISOs) and business continuity management (BCM) leaders, since aggressive attacks can cause prolonged disruption to internal and external business operations.
“Gartner defines aggressive business disruption attacks as targeted attacks that reach deeply into internal digital business operations with the express purpose of widespread business damage,” said Paul Proctor, vice president and distinguished analyst at Gartner. To combat these types of attacks, CISOs must pivot approaches from blocking and detecting attacks, to detecting and responding to attacks.
“CISOs and chief risk officers (CROs) can and should persuade executives to shift their thinking from traditional approaches toward risk, security and business continuity management. Security is not a technical problem, handled by technical people, buried somewhere in the IT department,” said Mr. Proctor. “Organizations need to start solving tomorrow’s problems now.”
