Blog Posts Tagged with "Incident Response"


Logging: Opening Pandora's Box - Part 4 - Awareness

May 20, 2012 Added by:Rafal Los

Awareness is the ability to know, understand and react to various types of events in near-real-time in order to defend your enterprise. Whether you're defending it from performance failures, functionality failures, or security failures is dependent on the group you work in...

Comments  (0)


US Enhances Cybersecurity Collaboration with Australia

May 18, 2012 Added by:Headlines

This statement of intent will help enhance situational awareness and information sharing on cybersecurity issues, increase collaboration and sharing of cybersecurity best practices, and create opportunities for training and cooperation in cyber exercises...

Comments  (0)


Vulnerabilities: Context Matters

May 13, 2012 Added by:Jack Daniel

You do need to assess how the vulnerability is exposed, what mitigations are in place or even possible, how hard the threat may be to execute against your situation, and whether there is a graceful failure mode if the opportunity turns out to be inopportune...

Comments  (0)


ICS-CERT: Planning for a Cyber Incident?

May 08, 2012 Added by:Infosec Island Admin

Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...

Comments  (0)


Breached! Now What? Seven Steps to Avoid Failure Panic

May 07, 2012 Added by:Rafal Los

To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...

Comments  (1)


US Cybersecurity Capability: National Preparedness Report

May 07, 2012 Added by:Plagiarist Paganini

Cybersecurity is identified as a priority issue to enhance the efficiency of prevention and incident response. The report invites federal and private sector partners to accelerate initiatives to enhance data collection, detect events, raise awareness, and respond to incidents...

Comments  (0)


Information Security is More than Prevention

May 04, 2012 Added by:Brent Huston

One of the biggest signs that an organization’s infosec program is immature is they have an obsessive focus on prevention and equate it with security through knee-jerk reactions to vulnerabilities, never-ending emergency patching situations and a continual fire-fighting mode...

Comments  (0)


Security: Is it Who or What That is Important?

May 04, 2012 Added by:PCI Guru

There is a very active discussion going on in security circles about understanding adversaries and how that impacts security strategy. I have taken a contrarian position in this argument and have stated that, in the scheme of things, I do not believe that you need to waste time understanding your enemy...

Comments  (6)


ICS-CERT: The Role of Fusion Centers

May 03, 2012 Added by:Infosec Island Admin

ICS-CERT recommends that industrial control systems owners and operators contact their local fusion center to better understand the role of their fusion center in supporting the private sector in critical infrastructure protection and cybersecurity...

Comments  (0)


ICS-CERT: Event Auditing and Log Management

April 30, 2012 Added by:Infosec Island Admin

Without properly configured auditing and logging practices, incident response teams often find it difficult to determine the significance of a cybersecurity event. ICS-CERT has provided a collection of resources to assist vendor and asset-owner security teams...

Comments  (0)


When Statistics Fail: Planning for Things You Can't Expect

April 27, 2012 Added by:Rafal Los

In incident preparedness, if you don't already, maybe it's time for a chapter on worst case scenarios. Lots of organizations have these, but as I pointed out, many aren't even thinking about testing their own incident response plans much less looking at the absolute worst-case...

Comments  (0)


Exposing Unproven Enterprise Security

April 25, 2012 Added by:Rafal Los

Before you call me an alarmist, unless you've tested your defenses you can't actually be sure with any amount of certainty whether they work. I don't mean this in a "can we ever be really sure?" philosophical sense here - I mean this in a concrete "does this even work?" sense...

Comments  (0)


Protecting Your Enterprise by Breaking It

April 20, 2012 Added by:Rafal Los

In a nutshell, if you (in information security) haven't broken things in your organization's networks, you're likely terribly unprepared for when things to wrong and thus are doing it wrong. Now, before you come all unhinged, read the rest of this post...

Comments  (0)


What the Titanic Teaches Techies

April 15, 2012 Added by:Allan Pratt, MBA

No one wants to think that disaster will strike, but it’s better to have policies in place and not need them – because you never know when you may encounter an iceberg - especially for those of us who live and breathe in the information security arena...

Comments  (0)


Nine Tips for CSOs to Get a Fresh Start this Spring

April 13, 2012 Added by:Jason Clark

With everything in the threat landscape changing so frequently, it’s important to reassess your current status and plan for the coming year, whenever we can come up for air. So, I came up with the following nine tips to help you get a fresh start this spring...

Comments  (1)


On Data Breach Containment

April 12, 2012 Added by:Rafal Los

You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »