Incident Detection
Detection is all about knowing when something has gone wrong. We have fire alarms in our businesses and homes that alert us to problems. In cybersecurity, the faster you know about an incident, the quicker you can mitigate the impact and get back to normal operations.
Detection is about:
- Knowing the threats applicable to your business
- Having cybersecurity products or services that help monitor your networks
- Having well-trained employees who can spot things that aren’t right and report them
- In some cases, phishing attacks using your brand, even having your customers alert you when cybercriminals are trying to gain access to your system via customer credentials.
Knowing the Threats
Not all threats in cybersecurity equally impact your business. Some, like broad ransomware attacks are designed to infect any system anywhere that is vulnerable. In other cases, attacks may be motivated by the type of business your are in and the value of what you have. For example, if your are in the retail business cybercriminals may be looking to steal customer payment data or access a bank account. If you are in manufacturing, maybe stealing your intellectual property or disrupting your operations is the goal.
You don’t need to be a cybersecurity expert to ensure that your business is protected, but it is critical that you understand the online threats to your company’s network. Awareness of key threats will enable you to employ practices and behaviors that limit your company’s risk.
(Author: National Cyber Security Alliance, published under Public License)