Join Us On LinkedIn

The judge’s ruling essentially functions as a reprimand of the way many incident response firms now interact with their clients, according to Edward McNicholas, co-leader of the privacy and cybersecurity practice at Ropes & Gray. If a security company consistently is selling a client other services while working on retainer, and the differences aren’t clear […]
When developing a data breach response plan, identifying everyone who must be involved in the plan – as well as at which stages – is key, as is doing so in advance. “Today, in working on their cyber preparedness, companies regularly involve areas of the company outside information security, including counsel, compliance, senior management and […]
That bad actors have long been able to infiltrate a network and wait for the right moment to attack is alone enough to expand incident response processes. Now that some of these attacks have the capacity to spread laterally, it’s an imperative. To that end, incident response may be best considered in a framework that […]
What’s most important is often the response to a mishap rather than the mishap itself.
I’ve been focused on security analytics for several years and spent a good part of 2015 investigating technologies and methodologies used for incident response. Based upon lots of discussions with cybersecurity professionals and a review of industry research, I’ve come up with a concept I call the incident response “fab five.” Enterprise organizations with the […]
Hopefully you’ve never had anything stolen in a data breach, but if you have I hope you’ve been spared the salted wound of the non-apology. There are notable exceptions of course but as data leaks and network breaches get larger, more common and more damaging, a humble sorry seems to be the hardest word. via What you […]
Gaza cybergang is a politically motivated Arabic cybercriminal group operating in the MENA (Middle East North Africa) region, mainly Egypt, United Arab Emirates and Yemen. The group has been operating since 2012 and became particularly active in Q2 2015. One interesting new fact about Gaza cybergang activities is that they are actively sending malware files […]
Over the last year or so, the cybersecurity winds have shifted once again. With the onslaught of new detection engines, CISOs need ways to collect, process, analyze, and react to volumes of incident detection data in a timely fashion so they can actually respond to incidents. Why the change? Incident response (IR) is where technology […]
What is the key to CareFirst’s incident response, i.e., what should CareFirst be doing right this minute?
Cybersecurity Docket welcomes John Reed Stark and his new blog, ‘Stark on Incident Response’
… But there are also two more things that are critical to a holistic cyber security approach: a strong, well-practiced Incident Response Plan (IRP), and, as Admiral Rogers noted above, the concept of cyber-resiliency, i.e., the ability to take your lumps, but continue your business operations unabated. In this article, we tackle two questions: (1) […]