Incident Response: Gathering the Facts

Not Knowing Numbers Behind Event Makes Risk Assessment Hard
To know how best to respond to IT and communications failures, organizations first must collect information on such incidents, says Marnix Dekker, who co-authored a just-issued report on incidents for ENISA.

The European Network and Information Security Agency, as reflected in its report that focused on mobile- and land-based networks, is collecting information about incidents so European member nations can improve their response to such events.

Without the data and an analysis of the information, officials in government and industry can't determine the best way to respond, Dekker says in an interview with Information Security Media Group.

"You could go to any country and ask a politician if they know how many incidents there were in the banking sector and what their social impact was. They don't know the answer," Dekker says. "And that is difficult to make policy and even to assess the risks of cybersecurity incidents without knowing the numbers behind it."

Among the major findings of the report:

  • Hardware/software failure and third-party failure were the root causes for most outages;
  • Incidents primarily caused by natural phenomena such as storms and floods lasted, on average, for 45 hours;
  • A strong dependency exists on power supply of mobile and fixed communication services, noting that battery capacity of 3G base stations is limited to a few hours, and this means that lasting power cuts cause communication outages.

Dekker works at ENISA on cloud security and smartphone security. He has a degree in theoretical physics and a Ph.D in computer science. His doctoral thesis proposes new, more flexible, access control for collaborative work environments such as medical health record systems.

Before joining ENISA, Dekker worked for KPMG in the Netherlands as an identity management architect and IT auditor. He designed the new version of DigiD, a digital identity for citizens. At KPMG he also reviewed the deployment of a large cloud and outsourcing service for a critical governmental agency.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.