Closing the books on the threats of 2015
It is hard to believe that the year is already coming to an end, and we are preparing to face the challenges that 2016 will surely bring. 2015 was a big year in cyber security (think OPM, Ashley Madison, countless out-of-cycle zero-day patches). Instead of reliving all the incidents of 2015, let’s look at what we can do to make our environments more secure and better prepared for the challenges ahead.
Managing risk and mitigating impact to your organization should be your number one goal for the upcoming year. Here is the Solutionary 2016 security planning checklist that’ll help you reach this goal:
- Prepare for and schedule your annual risk assessment. If you’re already doing this, great! If not, now is the best time to start.
- Review your existing incident response procedures, identify gaps, and make it a goal to fill those gaps in 2016.
- Update your network architecture, data flow, and storage architecture diagrams. Keeping...
Are you prepared for a security incident? #WarStoryWednesday
“Before anything else, preparation is the key to success.” Alexander Graham Bell
Most security personnel follow a six-step process when it comes to incident response. These six steps are outlined as follows:
- Preparation (before any incident)
- Detection and...
Forrester Research’s 2015 "Planning for Failure" report predicted that 60% of enterprises will suffer a breach in 2015. I have not crunched the numbers for Solutionary Incident Response (IR) engagements compared to last year, but I do know that we have had a significant uptick. Security breaches happen every day, and it is prudent for any organization to be prepared. I don’t want to jump on the bandwagon saying, “Every organization must have an incident response plan, and it must be scalable, applicable to the industry, anticipate breaches and be practiced”. That is a given. In theory, this sounds easy, but organizations aren’t always able to do so, nor do they always have the resources. What I’m starting to discover is that organizations do have an IR plan written down to some degree, and...
Recent SANS survey reveals major impediments to Incident Response efforts
A recent white paper, “The Race to Detection: A Look at Rapidly Changing IR Practices”, published by the SANS Institute and authored by Alissa Torres, sheds some light on the current state of incident response (IR) practices. The white paper surveyed a wide variety of incident response professionals for recommendations and experiences. All of the concerns from the various IR professionals resonated with what I have seen in my experience as an incident responder.
The report states that the threat landscape is rapidly changing, with many respondents to the survey reporting that cyber attackers are increasing in their sophistication and efficiency. In fact, many of the criminal organizations involved in cybercrime are adopting the same techniques and tools...
What is the state of your IT security team?
When it comes to incident response, “always be prepared” is a key phrase. I often give lectures to security professionals, and one of my favorite questions to ask is, “How many hours per day do you spend at work?” The usual answer is eight, which is common in the corporate world. We go to work. We spend our allotted amount of time doing whatever it is we do during the morning. We go to lunch. We return, and finally we go home at the end of our eight hours. Do you think this is what the hackers are doing? No, they spend 12, 16 and even 18 or more hours a day trying to breach your network. They live, breathe, eat and sleep hacking. Can your security staff say the same?
If we fail to prepare for an incident or deal with a threat, then it is little wonder that we are losing the cybersecurity battle. Our enemies dream in code and we worry about the inter-office bureaucratic things. Rather than being given the time, the support and the authority...