Search
To handle supply chain attacks, ransomware and other incidents, companies need cyber incident response plans that include third parties. In this interview, Marianne Bailey of Guidehouse shares her lessons learned from handling major events in government.
In this interview with Richard Pallardy from InformationWeek, she provides detailed advice on how to renegotiate agreements with third-party providers, ensuring the highest possible level of response to an attack.
Talk to me a little bit about incident response simulation tests. How are they best run? What kinds of gaps should they be probing?
"It's really good to do tabletop exercises. They're very, very effective when it comes to incident prevention and incident response. Companies should do them every single year. There are so many people that have a role in response that you don’t typically think of. You think the IT department has to fix it. Maybe the chief information security officer has a role in it. Well, guess what? So does the CIO, the CEO, the CFO, and the CPO. These people need to know their roles when the chaos comes. During the chaos is not the time to figure it out.
Read Marianne Bailey's recent InformationWeek interview where she offers insights about Ukraine and security best practices on how companies can most effectively fortify their defenses.
Marianne Bailey, Partner
Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.