Five Cyberthreats Facing Organisations in 2024
When a cybersecurity incident is detected, there are three questions the incident response (IR) team must answer:
- Was the asset or a copy of data exfiltrated?
- Was it changed from a trusted or known state?
- Do we still have access to the data ourselves?
This trifecta is also known as confidentiality, integrity, and availability. IR teams are tasked with ensuring that no data has been stolen—and if it has, which data sets have been compromised—that the integrity of data has been maintained, and that the business remains operational.
Achieving this is based on the ability to identify the point of compromise (POC) quickly and effectively to stop threat actors moving laterally and gaining more privileged access and to close any vulnerabilities.