Business Continuity Management / Disaster Recovery , CISO Trainings , Governance & Risk Management
Breaking Down Incident Response in Higher Education
Galeboe Mogotsi on Effective Incident Reporting and Recovery StrategiesAn effective incident response plan must prioritize backup and recovery strategies, which can sometimes be the biggest challenge, said Galeboe Mogotsi, CISO of the University of the Witwatersrand, or Wits University, who discusses the complexities of incident reporting and cyber resilience in the education sector.
See Also: Real-World Strategies for Securing Remote Workforces and Data
Backup and recovery is always a gray area for security. "CISOs, information security incident coordinators or managers are sharing that responsibility with the CTO. We have to ensure that when we do our disaster recovery plan or our backup recovery plan, the information security team is part of those conversations because that is when we are going to sit and talk about business impact analysis."
Universities often have decentralized IT structures and less regulatory pressure, which fosters organizational silos. Mogotsi pointed out that "the challenge is silo mentality. If those silos can be broken down, we can elevate information security to an organizational risk, not just an IT risk."
In this video interview with Information Security Media Group, Mogotsi discussed:
- The critical components of an effective incident response plan;
- Challenges to implementing cyber resilience programs in the education sector;
- Strategies for continuous improvement and stakeholder engagement in incident response.
Mogotsi oversees and manages all facets of cybersecurity to ensure the protection, integrity and availability of Wits University's infrastructure and information assets. He has more than 18 years of experience in digital technology and cybersecurity and is a hands-on leader who specializes in steering organizations through dynamic technological landscapes.