Many cyber attacks against companies today go unreported, and more still are undetected. This poses a critical threat to organizations that are striving to innovate, maximize efficiency and compete in a connected world. Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response.

The hidden menace

Prominent organizations, such as the New York Times, are some of the companies that have been the high profile victims of cyber attacks. But they are just the tip of the iceberg. As the world becomes ever more connected, cyber threats are rapidly escalating into a major issue for many organizations across different industry sectors.

According to a recently released report from the Ponemon Institute, U.S. organizations have the dubious honor of ranking first worldwide with the average data security breach costing $5.4M. Healthcare, financial, and pharmaceutical industries had higher than average costs coming in at $6.7M, $6.2M, and $6M per incident, respectively.

Cyber threats need to be managed as an on-going business risk, with the basis that countering a determined, well-resourced and innovative attacker requires a well-resourced and innovative response.

What is the cyber response curve?

While working with commercial and government organizations, BAE Systems Detica has seen a multiplication of highly sophisticated attacks. The cyber response curve is a concept we have designed to evaluate organizations’ readiness to respond to cyber threats and enable them to view how they could improve their response based on three factors: time between the start of and detection of an attack, level of compromise and how long it takes to make an informed decision. It is premised on our observations over the last few years of how different organizations have responded to targeted attacks.

The cyber response curve (Figure 1) maps out three critical elements of a response:

Now that we have discussed the state of cyber attacks today and an introduction to the cyber response curve, part two of this post will tackle common approaches to security that impact the cyber response curve and your organization can do today to optimize attack response.