Who IS responsible for a breach?

Next story


Mark James, ESET IT Security Specialist, takes us through fraud watch and who is ultimately responsible for a potential breach.


What are the cyber security responsibilities for security and compliance officers? What must they prove they have done if an attack takes place?


“Sadly, it is virtually impossible to protect 100% against cyber-attack. What you should do, however, is take reasonable care to ensure you have done all you can in protecting any private, personal or third party data stored on, or traveling through your servers.

“With the ever expanding knowledge of cybercriminals, there will almost always be someone who thinks of an alternative way to use software other than its intended use. They manage to find some loophole or flaw in the very software or hardware you are relying on to protect you.”


Where does the responsibility lie if an organisation's systems are hacked?


“In theory, it’s the CISO who is ultimately in charge of the security of your business, but often decisions made above him or her may influence their ability to do a thorough job.

“Providing they have done all they possibly can to safeguard and protect the data and systems, then it’s a case of learn, adapt and move on.

“The board and CEO should be taking an active and engaging approach to all aspects of security whether that’s a physical or cyberattack.


What are the obligations for the CISO in terms of protecting against a cyberattack?


“The CISO has the difficult job of managing the risk from an unknown enemy. They will need to evaluate dangers from all angles, ensure all hardware and software is updated, patched and running at optimal level.

“They will also have a plan in place for when something goes wrong, who needs to know and what needs to be done to mitigate any damage.

“Another key factor is keeping staff trained and up-to-date to ensure understanding on how attacks are happening and how to spot the early signs or cyberattacks.


Which cyber-attackers pose the biggest risks? Is it organised crime, activist/cause fighters, state funded attacks, or youths in bedrooms?


“From an organisational point of view, organised crime would seem to be the biggest risk. Large scale malware designed to target as many as possible, in the hope of snaring something successful is a major concern.

“Targeted attacks that are successful can reap big rewards but it’s often a one-time shot and takes a lot of time and effort to get right.


What methods are used to hunt down cyber-criminals?


“Law enforcements will use all means available to them to hunt down the bad guys, criminals will often do their best to be out of site with a view of completely hiding their activity but ultimately no one is truly anonymous.

“It’s very easy to think you’re doing everything right, covering your tracks, deleting everything you have created or used, but leaving no foot print whatsoever in the digital universe is very difficult.

“Law enforcement will use all manner of software, hardware and expertise available to them to monitor and track down the culprits, with global awareness becoming more prominent these days, more and more countries are working together to help protect against the global problem of cyber-attacks.


On a global scale, are there some countries which are more advanced in terms of defining the responsibilities of companies/organisations to defends against cyberattacks?


“Absolutely, and that can be a factor in finding, capturing and successfully prosecuting the bad guys. With many different countries having a vast array of what’s illegal and what’s not, cyber criminals will utilise this information for their defence.

Who do you think should be responsible for a breach? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.