Consortium of Leading Cyber Technology and Insurance Providers Announce the Launch of SafeHouseInitiative.org
January 17, 2023
No Comments
This is a companion blog to the “The SafeHouse” podcast dated December 9,2024. In this first part of a two-part series of The SafeHouse Podcast with Eder Ribeiro, Director of Global Incident Response at TransUnion, and host Jeff Edwards, Co-chair of the SafeHouse Initiative, they discuss how to lower your cyber risk by having an Incident Response Plan. Listen to the original podcast here: https://safehouseinitiative.org/the-anatomy-of-incident-response-pt-1/
In this discussion, Eder sheds light on the anatomy of incident response, emphasizing its relevance for businesses of all sizes.
Eder’s journey to the realm of incident response is a testament to the evolving nature of careers in this field. Originally from Brazil, Eder moved to the U.S. and joined the Rhode Island Army National Guard at 17. His path took a turn when he realized his passion for technology and problem-solving, which led him to pursue a joint degree in law and cyber security.
Reflecting on his career, Eder shared, “It was a windy road… there wasn’t as much of this kind of thing going on 15 years ago.” His experience ranges from consulting on cybersecurity to establishing a digital forensic response practice, showcasing the diverse opportunities available in incident response.
So, what exactly is incident response? Eder defines it as a comprehensive approach that should encompass every organization, given that all businesses today rely on digital systems. “There is no business without a digital footprint anymore,” he states, highlighting the necessity for proactive measures against cyber threats.
Incident response is more than just a technical necessity; it’s a critical part of doing business. Eder emphasizes the importance of planning and preparation, stating that “IR plans should not just apply to business; they should apply to people too.” This perspective broadens the scope of incident response, making it relevant for individuals navigating their own digital lives.
When discussing the elements of incident response across different business sizes, Eder notes that while there are common pillars, variations exist based on industry and business scale. “There are always pillars… but there’s a lot of variation that’s going to be industry dependent,” he explains.
Regardless of size, every business has digital assets, whether it’s a bakery with an email account or a CPA firm managing sensitive financial data. Eder emphasizes that “both businesses can benefit from looking at IR through a basic principles lens.”
Eder passionately advocates for the necessity of having a written incident response plan. He believes that such a plan serves as a “guiding book” during crises, helping organizations navigate through the chaos that follows an incident. “When you have the ‘oh no’ moment, it’s critical to know what to do,” he asserts.
He warns of the dire consequences that can arise from neglecting cyber hygiene, sharing stories of businesses crippled by ransomware attacks. “We’ve seen ransomware incidents shut down small businesses… it’s incredibly sad to see,” he laments.
The insights shared by Eder Ribeiro underscore the importance of understanding incident response as a fundamental aspect of business operations. As the digital landscape continues to evolve, so too must our strategies for mitigating risks and responding to incidents. By investing in a comprehensive incident response plan, businesses can better prepare themselves for the inevitable challenges that lie ahead.
Stay tuned for part two of this discussion, where Eder will delve deeper into the strategies and best practices for effective incident response.
For more information and resources, feel free to visit the SafeHouse Initiative website: https://safehouseinitiative.org/.
