Tag Archives: Incident response

4 Important Steps to Take When Creating an Incident Response Plan

By Erik Leach, CISSP, SCF Imagine coming home and finding your house broken into and some of your belongings missing.  As you totter from room to room, you would probably feel anger, frustrated, disturbed and a little overwhelmed.  At a vulnerable moment such as that, it probably would not be the best time to engage […]

RANSOMWARE: CURRENT STRAINS, ATTACK VECTORS AND PROTECTION

By Steve Lawn, Senior Consultant Staying ahead of security threats is no easy task. One threat that should definitely be on your radar is ransomware. From hospital heists to attacks on schools and other businesses, ransomware is costly and is projected to be one of the biggest threats in 2016. According to CNN, the FBI […]

INCIDENT RESPONSE: KNOWING YOUR OBLIGATIONS IN THE EVENT OF A SECURITY BREACH

Author: Glenn A. Stout, Ph.D, PMP Your organization just experienced a data security incident. All of the data that was entrusted to your organization to be kept safe is now “out there” on the Internet.  Your organization doesn’t have an incident response plan.  Who do you call?  When should you call?  What information needs to be […]

ENDPOINT DETECTION AND RESPONSE: FIRE FOR EFFECT

The modern digital landscape is a battleground rife with adversaries ready and willing to go to great lengths to steal your data. Clever independent attackers and state-sponsored actors alike are deploying increasingly effective versions of cyber-attacks intended to intrude, infect, steal, evade, disrupt and destroy everything they touch. To defend themselves, many businesses are investing […]

PREPARING FOR YOUR DATA BREACH

Author: Chris Cronin, ISO 27001 Auditor Most InfoSec professionals don’t want to think about becoming the next victim of a major data breach to make the headlines. And yet when faced with another major data breach it is a time when Executive Management and security teams reflect on their own insecurities. The latest breach is being […]

How to Secure Your Assets from Cyber Sewage

There I was, ankle deep in raw sewage, incredulous that for the second time this summer, my basement was filling up with foul smelling murky waste. As I looked hopelessly at my wife while the water level continued to rise, I angrily thought to myself, “What else can I do?” Didn’t I shell out some […]

“The Walking Dead” and Windows XP

The IT world is preparing for one of its highest profile deaths on April 8th, 2014. Microsoft will be discontinuing security updates and technical support for Windows XP and its variants. Microsoft will not mourn, as their call to action is to migrate off of one of its most popular consumer operating systems in history.

As Part of Your Incident Response Plan, Make Sure There are Needles in Your Haystack

Incident Responders take a lot of pride in finding that ‘Needle in the Haystack’ when conducting data breach investigations. The thrill of forensics lies in finding the tiniest clue that unravels the story of how a breach occurred and what exactly was compromised as a result. But the reality is that during forensic investigations, there […]

Expecting the Unexpected, Removing Fear From a Security Incident

Once again another company is on the heels of a massive data breach where intellectual property, customer records, private information, you-name-it, has been compromised. The recent news of Adobe Systemsi where a malicious entity stole intellectual property and accessed millions of credit card numbers is another case where “if there is a will, there is […]

The Best Malware Defense: Strategy First, Technology Second

I’m one of those fortunate information security professionals who plays both sides of the technology defense game: I’m your incident response guy and your preventive technologies guy. When I’m working with a company after they’ve been breached I can see pretty quickly what defenses they were missing that allowed the breach in the first place, […]