AT&T: Channel 'Adds Tremendous Value' in Cybersecurity Fight

During one recent 12-month period, AT&T logged more than 245,000 Distributed Denial of Service (DDoS) alerts across its global data network.

Edward Gately, Senior News Editor

June 13, 2016

4 Min Read
Hacker

18ef6cd47c1f48ada3debd9091243833.jpgWhen it comes to IT security readiness, progressive companies averaged 24 percent sales growth during the past three years, compared to 6 percent for passive organizations.

That’s according to AT&T’s new report, The CEO’s Guide to Cyberbreach Response. During one recent 12-month period, AT&T logged more than 245,000 Distributed Denial of Service (DDoS) alerts across its global data network.

c913255848e94d9dadc9aee82217a323.jpgIn the report, AT&T reveals that in 2015, 62 percent of organizations reported having a security breach, while 66 percent of companies said they do not have an effective incident-response plan in place. On a global scale, AT&T sees roughly 30 billion malicious scans and 400 million spam messages on its IP network per day.

Jason Porter, AT&T vice president of security solutions, tells Channel Partners that every piece of the ecosystem should have plans and protections in place to help keep an organization safe.

“This report can help solution providers better understand what to think through when helping their business customers plan and prepare for a potential security incident,” he said. “It’s important that every organization prepare a plan for a security incident before it happens, and the channel can add tremendous value in helping their business customers develop a cybersecurity response plan. The first step is to develop a cross-functional team, which should include the business customer’s senior leadership, legal, internal security and IT experts, communications teams, and any additional third-party consultants or experts as appropriate.”{ad}

More business and IT leaders are accepting the grim reality that either DDoS or emerging strains of ransomware will be successful, according to the report.

“Our most important finding is that 62 percent of companies reported that they experienced a breach in the past year,” Porter said. “With this in mind, the fact that only 34 percent of organizations do not yet have a proper incident response plan in place, was the most surprising.”

The report identifies four types of organizations: progressive, with the highest level of preparedness; proactive, with above-average levels of security; reactive, with below average levels of readiness; and passive, the least-prepared organizations run by executives who take a hands-off stance.

Seventy-four percent of the best-prepared organizations have a sophisticated and comprehensive program in place that assesses their breach response capabilities and includes a clear plan for diagnosis, response, forensics and remediation, according to AT&T.

Progressive companies saw their profit margin grow by 20 percent, compared to 3 percent for passive companies; and their customer satisfaction increased 22 percent, compared to 2 percent for those that are passive.

Every progressive organization in the report has invested in …

{vpipagebreak}

… forensic tools, compared with just 28 percent of passive companies.

Successful incident response programs begin well before a breach occurs, and should be built as part of a broader business continuity strategy. Along with the tools and systems required to identify and respond to breaches, an incident-response program requires two core components:

  • A cross-functional team. Because of the business implications of a successful cyberattack, post-breach response is often an all-hands-on-deck situation involving the C-suite, IT, security, legal, communications and other teams across the organization. AT&T and other service and technology partners also play a role, as well as law enforcement agencies, regulators and customers.

  • Frequent testing. Just as your organization holds regular crisis-management exercises for various scenarios, an incident-response plan must be regularly tested so that all involved parties are clear about their respective roles and responsibilities. These roles must be reinforced through regular tabletop testing and other simulations. The goal is to eliminate the guesswork and uncertainty that can arise in a potentially chaotic situation.

Progressive organizations, according to the report, share several key qualities. For example, C-level executives at progressive companies understand they are targets of breaches, helping them to take a more pragmatic approach to incident planning and response.

In addition, they are more likely to focus as much on readiness assessments and diagnosis planning as they do on post-breach diagnosis and response; and they perform near constant security reviews and use third-party service providers to supplement the bandwidth of their internal security teams.

“Businesses of all shapes and sizes should make security a part of every business decision,” Porter said. “The first step to do so should be planning for a security incident. In 2015, security incidents caused major enterprises an average of 23 hours of downtime. SMBs averaged nearly 14 hours of downtime. This kind of disruption can translate into lost revenue and a damaged brand reputation that a plan could have helped prevent.”

Preparation is the key to a robust breach response. To ensure that your organization can react quickly and limit damage, you should:

  • Invest in prevention and detection technologies to defend against day-to-day attacks.

  • Build a response team that includes all key internal stakeholders, from the C-suite to first responders.

  • Have a clear plan for the first 24 hours after breach detection.

  • Conduct regular tabletop exercises.

  • Establish protocols with your service providers on breach response.

Read more about:

Agents

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like