CDSA

There has been a significant increase in security breaches since the start of the pandemic and having an effective incident response game plan in place to deal with such emergencies is crucial, according to Chris Johnson, CEO and president of Convergent Risks.

Speaking during the Security & WFH breakout presentation “Don’t Let a Crisis Spoil Your Drama – Experience an Incident Response App at Work” May 12 at the annual Hollywood Innovation and Transformation Summit (HITS) Spring event,  he said the pandemic “has accelerated the transition to the cloud and the increased use” of Software-as-a-Service (SaaS)-based applications “within our workflow.”

During the pandemic, we have also consumed a “substantial volume of data regarding the risks around these emerging environments and how best to secure them,” he said.

Although “it is crucial that we protect our assets, we must also understand that, at times, we’re going to get this wrong,” he told viewers. “We might also become victim of an adversarial breach or, even worse, a combination of both,” he said, adding that if it is “not managed well,” a breach can have “significant ramifications” in terms of money and a firm’s reputation.

He and Mathew Gilliat-Smith, EVP at Convergent Risks, and Matt Lody, CTO of Convergent Risks, went on to demonstrate to viewers how their company’s incident response app works during a 30-minute exercise in which they provided a taste of what it is like to get a call about such a breach, how to kick start the response and manage communications to staff and external stakeholders.

It’s 8 pm on a Friday night and the CTO of a global creative services provider was notified of a significant security breach involving a premium episodic title. Unfinished content was leaked and its office has been told that, unless a significant ransom was paid, further material would be released revealing the plot line, together with sensitive contractual cast information.

Although the demonstration was only 30 minutes, it showed the benefits of using a secure host that is not connected to a potentially compromised network and the importance of securing information and critical evidence that can be used in the future if needed for litigation or other reasons, according to Johnson.

“Communications are often the key to the success of all of this,” he said the demonstration also showed. You can disarm a stressful situation” in this way and “bring clarity to what is often conflicting information and fast-paced change,” he told viewers.

The company plans to offer a complementary, four-hour follow-up session that will demonstrate what happens during such an incident and how it should be handled, he added.

To view the entire presentation, click here.

HITS Spring was presented by IBM Security with sponsorship by Genpact, Irdeto, Tata Consultancy Services, Convergent Risks, Equinix, MicroStrategy, Microsoft Azure, Richey May Technology Solutions, Tamr, Whip Media, Eluvio, 5th Kind, LucidLink, Salesforce, Signiant, Zendesk, EIDR, PacketFabric and the Trusted Partner Network.