You are viewing 'planning'

Checklist for 2016 Incident Response Planning

Closing the books on the threats of 2015

Rob Kraus

December 30, 2015 - Posted by Rob Kraus to Security Insight

2016 Goals

It is hard to believe that the year is already coming to an end, and we are preparing to face the challenges that 2016 will surely bring. 2015 was a big year in cyber security (think OPM, Ashley Madison, countless out-of-cycle zero day patches). Instead of reliving all the incidents of 2015, let’s look at what we can do to make our environments more secure and better prepared for the challenges ahead.

Managing risk and mitigating impact to your organization should be your number one goal for the upcoming year. Here is the Solutionary 2016 security planning checklist that’ll help reach this goal:

  • Prepare for and schedule your annual risk assessment. If you’re already doing this, great! If not, now is the best time to start.
  • Review your existing incident response procedures, identify gaps, and make it a goal to fill those gaps in 2016.
  • Update your network architecture, data flow, and storage architecture diagrams. Keeping...

Preparation is Key to Incident Response Success!

Are you prepared for a security incident? #WarStoryWednesday

David Biser

December 02, 2015 - Posted by David Biser to Security Insight

“Before anything else, preparation is the key to success.” Alexander Graham Bell

Most security personnel follow a six-step process when it comes to incident response. These six steps are outlined as follows:

  1. Preparation (before any incident)

    **Incident Occurs**

  2. Detection and...

Top 3 Most Harmful Cyber Incident Response Practices

Susan Carter

September 22, 2015 - Posted by Susan Carter to Threat Intelligence

Cyber Intelligence

Forrester Research’s 2015 "Planning for Failure" report predicted that 60% of enterprises will suffer a breach in 2015. I have not crunched the numbers for Solutionary Incident Response (IR) engagements compared to last year, but I do know that we have had a significant uptick. Security breaches happen every day, and it is prudent for any organization to be prepared. I don’t want to jump on the bandwagon saying, “Every organization must have an incident response plan, and it must be scalable, applicable to the industry, anticipate breaches and be practiced.” That is a given. In theory, this sounds easy, but organizations aren’t always able, nor do they always have the resources, to do so. What I’m starting to discover is that organizations do have an IR plan written down to some degree, and...

Incident Response Impediments

Recent SANS survey reveals major impediments to Incident Response efforts

David Biser

September 15, 2015 - Posted by David Biser to Security Insight

Cyber Attacks Ahead

A recent white paper, “The Race to Detection: A Look at Rapidly Changing IR Practices,” published by the SANS Institute and authored by Alissa Torres, sheds some reasonable light on the current state of incident response (IR) practices. The white paper surveyed a wide variety of incident response professionals for recommendations and experiences. All of the concerns from the various IR professionals resonated with what I have seen in my experience as an incident responder.

The report states that the threat landscape is rapidly changing, with many respondents to the survey reporting that cyber attackers are increasing in their sophistication and efficiency. In fact, many of the criminal organizations involved in cybercrime are adopting the same techniques and tools...

Five Tips to Prepare for a Security Incident

What is the state of your IT security team?

David Biser

July 16, 2015 - Posted by David Biser to Security Insight

Time for Change

When it comes to incident response, “always be prepared” is a key phrase. I often give lectures to security professionals, and one of my favorite questions to ask is, “How many hours per day do you spend at work?” The usual answer is eight, which is common in the corporate world. We go to work. We spend our allotted amount of time doing whatever it is we do during the morning. We go to lunch. We return and finally we go home at the end of our eight hours. Do you think this is what the hackers are doing? No, they spend 12, 16 and even 18 or more hours a day trying to breach your network. They live, breathe, eat and sleep hacking. Can your security staff say the same?

If we fail to prepare for an incident or deal with a threat, then it is little wonder that we are losing the cybersecurity battle. Our enemies dream in code and we worry about the inter-office bureaucratic things. Rather than being given the time, the support and the authority...

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.
