Incident Response cover image

Deborah Bird Haralson and 5 others

Incident Response

599 Viewers6,762 Page flips639 Followers104 Stories
Photo: www.schneier.com

Most recent stories in Incident Response

  • This article discusses what lies ahead for those involved in incident response. It states some obvious facts that incident response products and services are being seen more and more and that attacks are being much more sophisticated. Another problem is that companies under invest in their data protection and detection department. The article goes on to say that in order for IR plans to work, they need to follow some kind of framework, which they say needs to model a framework similar to OODA (Observe, Orient, Decide, and Act).

    Avatar - Aaron Torzala
    FlipboardIcon version of the Flipboard logo

    The Future of Incident Response

    Security is a combination of protection, detection, and response. It’s taken the industry a long time to get to this point, though. The 1990s was the …

  • In this article, NIST outlines what steps you need to take for coordinated cyber incident response. They start by saying to take inventory of information that they currently possess, information they can produce, and how it can be shared. The article goes on to say that organizations should start to think like a hacker so to speak when dealing with a cyber attack to better recover from it and better understand it. The draft is available for download via an included link at the bottom of the article. http://www.fiercegovernmentit.com/story/nist-outlines-steps-coordinated-cyber-incident-response/2014-11-05

    Avatar - Aaron Torzala
    Aaron Torzala
  • CBTS has just announced that their Advanced Cyber Security division has earned the NSA Cyber Incident Response Assistance (CIRA) certification. This certification proves that the company has state-of-the-art capabilities needed for rapid cyber security support to high-level government agencies. Although the certification is more savvy towards government agencies, it exemplifies the team's ability to provide the best incident response services to all business sectors. This is great news for CBTS and is a company worth looking into for a potential career. http://www.gsnmagazine.com/node/42835?c=cyber_security

    Avatar - Aaron Torzala
    Aaron Torzala
  • This article, written by Dr. Claudia Johnson, breaks down how a Incident Response plan should be done. She says to think of an IR plan as a fire drill. The first step is detection and ensuring proper processes are put in place to detect an incident. Along with that, you need to have evidence, log files as well as any other evidence need to be properly maintained for follow-up purposes. She goes on to say that you need to figure out the Who, What, and the Where as they are the "meat and potatoes" of an IR plan. Service Level Agreements are an absolute must as well in any IR plan as she goes on to say. Diagnostics, Mitigation, Resolution, and System Restoration are all of the other steps she goes on to say are crucial in an IR plan as well as ways to improve. These ways include: practice, review the plan regularly, document and preach, review major incidents after they have occurred, and ticketing systems. Last but not least, Disclosure needs to be conducted to alert pertinent individuals of such an incident occurring (cough Chase Bank cough)

    Avatar - Aaron Torzala
    CSO Online | Security at the speed of business

    CSO Online | Security at the speed of business

    CSO delivers the critical information about trends, practices, and products enterprise security leaders need to defend against criminal cyberattacks …

  • This article really puts things into perspective of how important it is to have a competent CSIRT team for any business. The article begins by stating how many companies have had their reputation damaged due to recent attacks (Chase, Target, Home Depot, Apple, Sony, etc.) The article explains how a CSIRT Team should be constructed by selecting experienced and certified individuals as well as disaster recovery specialists to aid in handling the aftermath of an incident. Bottom line, CSIRT's are paramount in an organization, now more than ever as large organizations are being targeted left and right.

    Avatar - Aaron Torzala
    Australia

    Australia

    Computerworld covers a range of technology topics, with a focus on these core areas of IT: generative AI, Windows, mobile, Apple/enterprise, office …

  • This article talks about key parts to a Disaster Recovery plan that are often overlooked. Some of the parts that the article talked about were key applications like human resources, payroll, and customer relations. Those are all highly important parts to a DR plan to ensure your company can stay up and running if it needs to move to a temporary location as part of recovering from a disaster. Hardware is also an important part to a DR plan as the article points out. Certain hardware may be necessary to provide email and/or cloud services, which is why it also needs to be included in a DR plan.

    Avatar - Aaron Torzala
    The "Weakest Link" In Disaster Recovery Success May Surprise You

    The "Weakest Link" In Disaster Recovery Success May Surprise You

    Your company is prepared. You have your disaster recovery (DR) plan written and available on an externally-hosted website. Your contracts are in place; your backups are verified and off-site. Your critical data is replicated to your DR provider. You have plans for all your people if the disaster …

See more stories
Incident Response
Magazine

More Magazines by Deborah Bird Haralson