Blog Posts Tagged with "Incident Response"


Incident Response and Risk Management Go Hand in Hand

February 12, 2012 Added by:Neira Jones

Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...

Comments  (2)


Incident Response: Have You Got a Plan?

February 06, 2012 Added by:Neira Jones

We should always aim to reduce the frequency of security incidents by effectively securing networks, systems, applications and have the appropriate policies and processes in place, and the NIST report helps in providing guidelines on responding to incidents effectively...

Comments  (0)


Security: Failing Gracefully, or Just Failing?

February 01, 2012 Added by:Dave Shackleford

We’re pretty good at if-then analysis for controls in security. Let’s turn it around though and start thinking if-then in the negative sense. Prevention tools and processes need to fail gracefully and lead us into detection and response mode...

Comments  (0)


SEC Calls for Cohesive Incident Response and Reporting

December 09, 2011 Added by:Steven Fox, CISSP, QSA

This guidance is designed to “elicit disclosure of timely, comprehensive, and accurate information about risks and events that a reasonable investor would consider important to an investment decision,” including those related to information security breaches...

Comments  (0)


Infosec: Homer Simpson or George Washington?

November 28, 2011 Added by:Ali-Reza Anghaie

Consider three fields when pondering infosec strategies: Defense, Economics, and Healthcare. All three have grasped nonlinear preventative and swarm tactics in a way we would be wise to consider. And like infosec, all three also have snake oil salesmen and demons to satiate...

Comments  (1)


SEC Issues Guidance on Security Incident Disclosure

October 31, 2011 Added by:David Navetta

What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...

Comments  (0)


Confusing Inconvenience for Enterprise Security

October 21, 2011 Added by:Rafal Los

When a problem that has been ignored for years suddenly causes immense pain, the result is an often a rash reaction that is grounded in fear and 'the need to do something' rather than a sane approach to securing assets, leading mostly to inconvenience and not better security....

Comments  (0)


LastPass Demonstrates Impeccable Crisis Handling

May 17, 2011 Added by:Ben Kepes

The actions of LastPass have been exemplary – the actual loss in this instance was either non-existent or negligible. Many larger companies would have simply brushed this under the table and perhaps introduced some new security measures under the cloak of a version update...

Comments  (0)


What Can We Learn From The Epsilon Breach?

May 02, 2011 Added by:PCI Guru

Epsilon appears to have caught this breach quickly because they were monitoring their network systems. What this incident points out is that even when you are monitoring your environment, it still takes a while to recognize that a breach is in progress...

Comments  (0)


Incident Response: Practice Makes Perfect

April 09, 2011 Added by:Brent Huston

Perhaps you will be lucky and never experience a bad information security incident. But if you do, you will be very glad indeed if you have a well practiced information security incident response program in place...

Comments  (0)


Computer Incident Response and Product Security

April 03, 2011 Added by:Ben Rothke

Be it a IRT, CIRT, CERT, or CSIRT, whatever the term used, companies desperately need a team to formally respond to computer security incidents. The simple equation is that to the degree the incident is quickly identified, handled and ameliorated, so is the damage contained...

Comments  (0)


The RSA Hack: Don't Overreact

March 27, 2011 Added by:Eric Cissorsky

When IT Security panics, it causes ripple effects throughout the enterprise. In the event this turns out to be a serious breach, you will be credited with keeping your cool and weathering the storm. Overreacting to any security incident can undermine your department's credibility...

Comments  (0)


Improving Insider Threat Testing

February 03, 2011 Added by:Rob Fuller

We need to build organizations up in the detection department from a pentesters point of view. We are loosing this battle, and one of the reasons is we keep our bag of tricks to ourselves, and that's what insider threat testing is all about, getting all the tricks tested in a more open fashion...

Comments  (1)


Computer Incident Response and Product Security

January 31, 2011 Added by:shawn merdinger

Having a team and process in place to handle incoming vulnerability reports from external sources is a sign of vendor maturity. Not having either can quite likely result in a vendor having a "zero day" vulnerability and proof-of-concept exploit published on a public mailing list...

Comments  (0)


Case Management for Security Incident Investigators

January 20, 2011 Added by:Lindsay Walker

If 2010 was an indicator of the future of security related incidents in the workplace, something needs to change. It seems that, no matter how robust your corporate security program is, there's still no guarantee that information won't get leaked...

Comments  (0)


Computer Security Incident Response - Part 3

November 16, 2010 Added by:John McGloughlin

The efficiency and effectiveness of the Security Operations Center (SOC) team depends on disciplined conduct, continuous communication, uniformed approach, low defect rates and positive attitudes. This team is the basis of a continuous effort to protect the assets of the corporation...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »