Blog Posts Tagged with "Incident Response"


Correlating and Escalating Cyber

October 02, 2012 Added by: Don Eijndhoven

So here we have a rather clear-cut case of attacker correlation which, as ever, is done pretty much after the fact by an international firm who investigated the malware. My question is: How do you deal with this as a nation, as it happens?

Comments  (7)


How to Secure Windows 2000... For a Limited Time

September 07, 2012 Added by: Drayton Graham

A number of organizations are still using Windows 2000. It is up to the organization to determine the acceptable risk for continued use of Windows 2000-based systems. If Windows 2000 is a necessity at this time within your environment, here are some security techniques you can implement...

Comments  (0)


Utility Breach Prompts Enforcement and Industry-Wide Security Review

September 06, 2012 Added by: David Navetta

Expect an uptick in privacy enforcement by state utility regulators. Utilities across the country are advised to review their information security programs (including vendor management requirements) and breach response processes to address their regulators' concerns...

Comments  (0)


Throwing Stones in Glass Houses: Views on the Security Industry

August 26, 2012 Added by: Rafal Los

The Information Security industry is rife with negativity. Why are we so quick to pile on to others' pain? Is the security community just more cynical by nature, is it psychological? Are we wired this way? As an industry, our goal is to create more resilient, more secure, and more defensible postures for everyone...

Comments  (1)


Is Your IT Posture that of a Protector, a Detective, or a Warrior?

August 19, 2012 Added by: Richard Stiennon

The attackers are going to breach your network to get what they want. The question is: how fast can you discover an intrusion, figure out what the attacker is after, stop the attack, clean up – and prepare for their return? After all, motivated attackers will be back...

Comments  (0)


Reverse Deception: Organized Cyber Threat Counter-Exploitation

August 15, 2012 Added by: Matthijs R. Koot

The intent of deception is "to get the adversary to act confidently and predictably". If you want to be inspired to think about deception/MILDEC as a means of counterintelligence (CI) in cyberspace, I recommend this book. If you already work in CI, you may find it useful to evaluate your existing beliefs...

Comments  (0)


Infographic: The Social Media Side of Incident Response...

August 13, 2012 Added by: Neira Jones

It seems that my previous post on the social media side of incident response attracted some attention and I thank everyone for their feedback. This prompted me to explore the brave new world of infographics... So here we go, my first foray into what is for me uncharted territory...

Comments  (0)


Simulation Training Reinforces Security, Business Continuity

August 05, 2012 Added by: Stacey Holleran

If your organization were to experience a serious disruption in network connectivity due to a weather event, a fire or a cyber attack, how quickly could it resume business operations? Which people, processes and technologies would be involved in the recovery? How can you be sure nothing has been overlooked?

Comments  (0)


A Packet of Risks and a Small Pot of Tea

July 29, 2012 Added by: Christopher Laing

Risks are just circumstances that, if they occurred, would have some impact on the business. Naturally risks can potentially disrupt the business, but if identified, planned for, and effectively managed, risks can have a beneficial impact on the business. The key word here is managed...

Comments  (0)


Security Mistakes You Will Make on Your Next Cloud Project

July 18, 2012 Added by: Danny Lieberman

The Cloud Security Control model looks great, but it doesn’t mitigate core vulnerabilities in your software. Once you choose the right service model and vendor, put aside the security reference models and focus on hardening your application software. It’s your code that will be running in someone else's cloud...

Comments  (0)


On Failing Gracefully...

July 18, 2012 Added by: Neira Jones

You know the feeling: You think you have it all under control, you think you've engaged with the right people, you have buy in from those who matter, the right culture is in place, you're not struggling for investment and bang! You get hacked. Overwhelming sense of failure ensues. Where did it all go wrong?

Comments  (0)


Government Agencies Gain Emergency Internet Control

July 16, 2012 Added by: Stefano Mele

"Survivable, resilient, enduring, and effective communications, both domestic and international, are essential to enable the executive branch to communicate... Such communications must be possible under all circumstances to ensure national security, effectively manage emergencies, and improve national resilience..."

Comments  (0)


On the Right to Bear Cyber Arms

July 10, 2012 Added by: J. Oquendo

An attacker is decimating my infrastructure. I have purchased and deployed every security technology I can think of. I have contacted law enforcement as a matter of relevance, but I know they will not be able to do much. I have given the service provider two fair warnings. I now fight fire with fire...

Comments  (1)


Honeypots Can Help Safeguard Your Information Systems

July 10, 2012 Added by: Brent Huston

Honeypots are simple technology intended to be compromised. There is little or no production traffic going to or from the device, so any time a connection is sent it is most likely a probe, scan, or an attack. Any time a connection is initiated from the honeypot, this most likely means it was compromised...

Comments  (0)


The Resilient Enterprise: Resolving Issues Faster

July 03, 2012 Added by: Rafal Los

How can we both restore service quickly and solve long-term systemic problems when we can't always tell that two issues are even related? Optimize the analysis between changes, connected systems and components to figure out dependencies in cases such as linked and distributed failures...

Comments  (0)


Are Enterprises Really Hacking the Hackers?

June 27, 2012 Added by: Rafal Los

Active defense is using technology which can confuse an attacker, mislead them into spending time on worthless parts of an application, or slow the response rate of the network or application down. That's active defense. Striking back involves actually going on the offensive, which is likely highly illegal...

Comments  (1)
