Blog Posts Tagged with "Incident Response"


The Infosec Investment Equation - Can You Solve It?

April 09, 2012 Added by: Neira Jones

Redundant measures always expose themselves very rapidly: they either don’t help you run your shop, or nobody around you is interested in them. So if you still have some of these, your job is to scrap them because it will save some time and resources to apply elsewhere...



The Information Security OODA Loop Part 5: Act

April 06, 2012 Added by: Rafal Los

Practicing the OODA Loop for incident response is critical to making sure you avoid panic-induced decisions which could be catastrophic. If you're already formulating excuses as to why you won't be able to practice - just forget this altogether...



The Information Security OODA Loop Part 4: Decide

April 04, 2012 Added by: Rafal Los

There are any number of possible decisions to be made in an infosec OODA Loop cycle. Sometimes the most basic decision to be made is whether to act or to hold your position. Too often infosec tends to look at a potential event and assume that the response must be action...



The Information Security OODA Loop Part Three - Orient

April 03, 2012 Added by: Rafal Los

In infosec, if you've worked at companies who are doing security poorly and getting ravaged by hackers, your first inclination may be desperation when your digital assets are under attack. It's hard to completely wipe the slate clean from previous experiences...



We Need Better Defensive Tools

April 02, 2012 Added by: Gabriel Bassett

Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...



The Information Security OODA Loop Part Two - Observe

April 01, 2012 Added by: Rafal Los

Infosec is in a constant chess match with the opposition. In order to have some way of fighting this asymmetric digital warfare, we need to have an organized, formalized way of identifying current threats and reacting in near-real-time in order to reach a state of detente...



The Information Security OODA Loop: An Introduction

March 29, 2012 Added by: Rafal Los

The OODA loop was invented by a military strategist, and the idea is that in order to win any given incursion you must go through your OODA loop faster than your opponent. Failing to do so can mean the difference between an incident and a catastrophic breach...



U.S. Northern Command Makes Cyber Security a Priority

March 26, 2012 Added by: Headlines

Northcom's responsibility in the cyber domain "is consequence management in the event of a catastrophic cyber attack on this country. Northcom could certainly be called upon to provide support to civil authorities in the recovery. But we think our role is broader..."



Incident Response and PCI Compliance

March 25, 2012 Added by: Chris Kimmel

One question you should be asking your penetration testing company is, “Do you also test my incident response?” This is an important piece of PCI compliance. As stated by section 12.9 of the PCI DSS v2, a company must implement an IRP and be prepared to respond to an incident...



Manage Risk Before it Damages You - Part One

March 20, 2012 Added by: Neira Jones

Assuming we have managed to address the infosec gap, we’re left with ensuring the security of information assets and services. Because we are all governed by material pressures, it would be unrealistic that we should embark on all-encompassing programs to secure all assets...



CISSP Reloaded Domain Three: Telecoms and Network Security

March 19, 2012 Added by: Javvad Malik

Network security is so important yet because it’s complex, a lot of companies end up doing it wrong. Not as many people properly understand the security implications of the network and most companies don’t even know what their network is comprised of...



PCI: When a Breach is Not a Breach

March 08, 2012 Added by: PCI Guru

The lawsuit points out a disconcerting issue with a cardholder data breach: Any incident investigation initiated by the card brands under the PCI standards is going to focus on PCI compliance and not on whether or not the breach actually occurred...



Cloud Security Report: The Cloud May Be Safer

March 05, 2012 Added by: alan shimel

This first installment of what promises to be a semi-annual report sheds some real light on the differences between on premises and cloud security environments, and also advances the notion that despite the FUD the cloud may in fact be safer for certain kinds of applications...



Lessons from the Nortel Networks Breach

February 16, 2012 Added by: Suzanne Widup

Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?



Reflections on Suits and Spooks DC

February 16, 2012 Added by: Jeffrey Carr

We should re-assess which attacks should be investigated and which should be let go. The FBI and US-CERT are overwhelmed with tracking everything from probes against government networks to DDoS attacks to targeted attacks against the Defense Industrial Base...



The Truth Behind Data Breaches

February 16, 2012 Added by: Neira Jones

SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
