It’s that time of year – the infamous year-end “freeze.” The freeze typically refers to the blackout most enterprises and agencies enforce on changes to production IT systems for fear of something negatively impacting holiday business (or worse, people’s vacations). But increasingly, it’s also a...
By Tom Young, Executive Vice President of Worldwide Sales While suffering the slow Wi-Fi on an Amtrak Northeast Regional train out of New York’s Penn Station last week, I wondered if Acela riders are experiencing the same pain. That thought reminded me of a nagging conclusion...
by: Jason Rebholz, Director at The Crypsis Group In July of 2016, the HHS Office for Civil Rights (“OCR”) released updated guidance[1] on how healthcare entities should respond to ransomware infections. The updated guidance introduced a presumption of a breach unless the entity can show there...
There Are Superheroes Among Us On Our Blue Teams Our superheroes are Incident Response experts who wield their knowledge skillfully. Ferreting out the villains who hide in the shadows. Fending off a steady stream of attackers who would penetrate our fortresses (aka server rooms and...
[vc_row][vc_column][vc_row_inner css=".vc_custom_1520466005226{padding-left: 10px !important;}"][vc_column_inner][vc_column_text css=".vc_custom_1520469628021{margin-bottom: 32px !important;}"] Incident Response - Triage Triage is the first post-detection incident response process any responder will execute to open an incident or false positive. Structuring an efficient and accurate triage process will reduce Analyst Fatigue and ensure that only valid alerts...
In our first Incident Response Preparation post we talked about some technical things that should be done as you are preparing to respond to events, investigations, incidents, and (hopefully not) breaches. We now address some of the management work that needs to happen as you are...
Incident Response Preparation Many of our customers question the best methodology out there to respond to an incident, and most places just need a push in the right direction to create an effective response to the incidents they see every day. There are big data breach...
This blog series has been updated here. This is the last of a 3-part series on the role of Preparation in the Incident Response process. The first two parts covered People [1] and Process [2]; this part addresses the role of Technology in Preparation. Further posts...
This blog series has been updated here. In the first post of this series, I gave an overview of the steps associated with the IR process. Starting with this post, I will cover each one in more depth, and identify topics for further development. If you...