When informed of a targeted attack by skilled hackers, what should the information security manager do first?

Prepare for CISSP Domain 2 Information Risk Management. Study with multiple choice questions; each question offers insights and explanations. Ace your exam!

The most appropriate action for an information security manager upon becoming aware of a targeted attack by skilled hackers is to immediately advise senior management of the elevated risk.

This response is critical because senior management needs to be informed of the heightened risk to make decisions about resource allocation, risk management, and strategic response measures. Communication with senior leadership ensures that there is awareness at the highest levels of the organization, which is essential for a coordinated response to cyber threats. It enables the organization to mobilize necessary resources and to take swift action to protect critical assets and data.

Furthermore, management needs to understand the potential implications of the targeted attack, including the potential impact on business operations, finances, and reputation, so they can prioritize their response strategies. Engaging management also emphasizes the importance of having a clear incident response plan and ensuring that roles and responsibilities are understood throughout the organization.

In contrast, while performing a comprehensive assessment, initiating training, or increasing monitoring are all important aspects of an information security response, these actions are more effective when taken after management has been informed and a coordinated effort can be made. Prompt communication with leadership is the keystone for effective incident management and response in the face of targeted threats.
