"Journal of Digital Media Management is the premier forum for professional and relevant discourse in digital media and content management featuring pertinent, credible and disciplined peer-review articles."
How a well-thought-out incident response can take the advantage back from attackers
Click the button below to download the full text of the article.
Abstract: The formation of an incident response (IR) team and IR testing are the most significant actions an organisation can take to reduce the cost of a security breach, but organisations are often challenged to build the right IR team with the right outputs and outcomes decided — especially when IR itself needs an aggressive rethinking in an era of thousands of software-as-a-service (SaaS) applications in use by businesses. This paper will explore how to build the right IR team processes, key roles, tabletop exercises, protocols, executive management and other important considerations. It will highlight both hard and soft skills needed for successful IR, especially in the less-discussed but hugely important latter category, the need for expectations setting with leadership, and the right ways to convey vague and incomplete information in the early stages of IR and breach analysis by using actual cases from past experience.
Keywords: incident response; IR; SaaS; cloud security; cost of a breach; cyber security
James Christiansen is Netskope’s Vice President and Chief Security Officer, Cloud Strategy. He is focused on Netskope’s global strategy to drive thought leadership in cloud security transformation. James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was Vice President CISO at Teradata, where he led the global security, physical and information security teams. Previously, James was Vice President of Information Risk Management at Optiv, Chief Information Risk Officer for Evantix, and CISO at Experian Americas, General Motors and Visa International. In each of these organisations, one of the key responsibilities was global incident response. As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS and MIS Training Institute. He has also been featured in the New York Times and quoted as an expert in USA Today, the Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg and Healthcare IT News. James is a patent inventor and has received three innovation awards in cyber security, GRC and cloud computing. He is the author of the ‘Internet Survival’ series and contributing author of ‘CISO Essentials’, as well as numerous industry papers. He earned his Master’s degree in business administration with a focus on international management and his Bachelor’s degree in business management from Westminster College.