Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInHere’s what that Capital One court decision means for corporate cybersecurity
The judge’s ruling essentially functions as a reprimand of the way many incident response firms now interact with their clients, according to Edward McNicholas, co-leader of the privacy and cybersecurity practice at Ropes & Gray. If a security company consistently is selling a client other services while working on retainer, and the differences aren’t clear […]
To Survive a Data Breach, Create a Response Playbook
When developing a data breach response plan, identifying everyone who must be involved in the plan – as well as at which stages – is key, as is doing so in advance. “Today, in working on their cyber preparedness, companies regularly involve areas of the company outside information security, including counsel, compliance, senior management and […]
Maslow’s hierarchy of needs for incident response | CSO Online
That bad actors have long been able to infiltrate a network and wait for the right moment to attack is alone enough to expand incident response processes. Now that some of these attacks have the capacity to spread laterally, it’s an imperative. To that end, incident response may be best considered in a framework that […]
My Recent Article about Vanguard’s Cybersecurity Stumble
What’s most important is often the response to a mishap rather than the mishap itself.
The Incident Response “Fab Five” | Network World
I’ve been focused on security analytics for several years and spent a good part of 2015 investigating technologies and methodologies used for incident response. Based upon lots of discussions with cybersecurity professionals and a review of industry research, I’ve come up with a concept I call the incident response “fab five.” Enterprise organizations with the […]
What you sound like after a data breach | Naked Security
Hopefully you’ve never had anything stolen in a data breach, but if you have I hope you’ve been spared the salted wound of the non-apology. There are notable exceptions of course but as data leaks and network breaches get larger, more common and more damaging, a humble sorry seems to be the hardest word. via What you […]
Gaza cybergang, where’s your IR team? – Securelist
Gaza cybergang is a politically motivated Arabic cybercriminal group operating in the MENA (Middle East North Africa) region, mainly Egypt, United Arab Emirates and Yemen. The group has been operating since 2012 and became particularly active in Q2 2015. One interesting new fact about Gaza cybergang activities is that they are actively sending malware files […]
Incident Response: More Art than Science | Network World
Over the last year or so, the cybersecurity winds have shifted once again. With the onslaught of new detection engines, CISOs need ways to collect, process, analyze, and react to volumes of incident detection data in a timely fashion so they can actually respond to incidents. Why the change? Incident response (IR) is where technology […]
CareFirst Data Breach: A Primer on its Incident Response
What is the key to CareFirst’s incident response, i.e., what should CareFirst be doing right this minute?
Welcome to John Reed Stark and ‘Stark on Incident Response”
Cybersecurity Docket welcomes John Reed Stark and his new blog, ‘Stark on Incident Response’
Cyber Security: The Importance of a Battle-Tested Incident Response Plan | The D&O Diary
… But there are also two more things that are critical to a holistic cyber security approach: a strong, well-practiced Incident Response Plan (IRP), and, as Admiral Rogers noted above, the concept of cyber-resiliency, i.e., the ability to take your lumps, but continue your business operations unabated. In this article, we tackle two questions: (1) […]