The Human Factor in Security Incident Response

[relemedf5w023]

20.11.2023
ComputerWeekly talks to Elastic CISO Mandy Andress about what goes into a good incident response plan and what steps security teams should take to ensure they are properly prepared for the almost inevitable attack and gain buy-in from the organization's leadership.

When it comes to security incident response strategies, many organizations tend to focus heavily on cyber resilience, which is entirely appropriate, but often forget to consider the importance of human resilience.

After all, a lot is required of the people algeria mobile database for localizing, analyzing, eliminating the consequences of an attack, and for subsequent recovery. At every stage, they must remain calm while analyzing a complex situation, formulating adequate countermeasures, diplomatically meeting the expectations of stakeholders, and sometimes facing rejection of their recommendations. And that’s not to mention the long working hours and limited resources they have to deal with.

But how much attention is paid to the actual experience of doing this work? Are the people involved in this work adequately equipped and supported? Or are they simply expected to perform superhuman efforts, regardless of the impact of physical and psychological fatigue on their ability to recover?

As a CISO, this is a very important task for me: to ensure that our incident response plans include adequate provisions for the people working on the front lines.

At the beginning of an incident, when the adrenaline is pumping and the motivation to quickly stop the attack is high, team members typically work extremely hard to complete the tasks assigned to them. This is a period of high-octane intensity.