Coordinated Response
Services and tools for incident response management

GAO Statistics for Cybersecurity Incidents

Cybersecurity incidents double in 5 years

In a report of recent congressional testimony, GAO provides statistics that provide insight. The report is available from the GAO Web Site.

Incidents over Time

GAO Incidents Time

Incidents by Category

GAO Incidents 2013

Coordinated Response

How does this compare with your experience? Does your response plan address this range of cybersecurity incidents? At Coordinated Response we use this type of information to inform our response plan development and response plan reviews.

Enhance Data Breach Response – 6 Recommendations

The GAO in Congressional testimony made the recommendations

A report of the testimony is available from the GAO Web Site. For some interesting statistics from this report refer to GAO Statistics on Cyber Security.

Key Management Practices

  • Establish a data breach response team;
    rely on IT security staff for technical remediation;
    identify an extended team that includes the information owner, the CIO,
    the CISO, the privacy officer, public affairs, and legal counsel among others.
  • Train employees on their role;
    train of employees with access to sensitive data on their responsibilities;
    train the response team on their role in the incident response plan.

Key Operational Practices

  • Submit reports to appropriate entities;
    prepare and submit reports for internal use, to the US-CERT within 1 hour of discovery,
    and to other external entities as appropriate.
  • Assess the impact both in breadth and in depth;
    identify the nature of the data, the number of individuals, the likely potential for harm,
    and the possibilities for mitigation; this assessment determines incident actions and reports.
  • Offer affected individuals assistance;
    as appropriate and as required, help  mitigate the individual’s risk
    through credit monitoring for example.
  • Analyze the breach response; identify lessons learned.

 

Coordinated Response

With this information the response team makes informed decisions on what resources to apply and what actions to take. Refer to our Response Management Framework for added insight.

Let us help you with a response plan review that considers your information security risk assessment.