The Cyber Security Breaches Survey 2017 brings us up-to-speed with the latest findings across UK businesses. Recently published by Ipsos MORI, it is an in-depth survey across 1,500 Micro to Large-sized businesses. Offering great insight into how other businesses have fared with Incident Management and their impressions of Cyber Security over the past year, it is recommended reading to provide some context to your own security posture.

In the report there stood out a statistic around Incident Response which is becoming more and more relevant. If you are to “assume breach!” then you accept that a breach will occur at some point and therefore you need to be able to respond to such an incident.

However, this still seems to be lacking for many organisations. The survey reported that only 11% of companies have a formal incident management plan in place, and according to security vendor Sophos, 66% of IT staff lack Incident Response skills.

Incident management steps taught by the SANS institute are six-fold: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned. Whilst there isn’t enough space to go into detail on how this works in this answer, (much!) more detailed information can be found by searching online for NIST-SP 800-61.