These people need to know specifically what their responsibilities are. They need to know how to respond to users reporting potential attacks. They should know the specific actions to take in response to the pending attacks. Again, their actions depend upon their roles and responsibilities, but they should be well defined in advance. The last thing you want is for a user to properly respond to and report an incident, and then the people contacted do not know what to do.
Creating a culture of awareness, action, and communication improves both incident detection and response. Your user base becomes aware and active when it comes to potential attacks. This increases the effectiveness of the security team, exponentially growing its capacity to detect and respond to attacks.
In the ideal world, people should be constantly on the alert for potential attacks and know how to respond. Again, that is not what we experience in the real world. While we don't wish that any organization should be targeted, the fact is that just about every organization is the potential victim of many ongoing attacks. The phishing scams resulting from the Anthem hack made many organizations a potential targets, and this attack is in no way unique.
However, these potential and actual attacks can be outstanding catalysts for making your awareness programs incredibly effective. Don't squander these ongoing, incredible opportunities.
Sign up for Computerworld eNewsletters.