This week I enjoyed reading some infosec articles, as they were so thoughtful, and thought of sharing them with you.
Incident Response (IR) Preparedness from Keydet89, 24th Nov: the entire article added great insight, but interestingly the way he described due diligence, the cost of incident unpreparedness and the overall selling of the IR concept to management was thoughtful enough for every organization to act upon now. He states:
“Take for example the reason of “due diligence”. It occurs to me that if someone were really interested in performing due diligence, they would’ve called me before the incident occurred, to ensure that they were prepared to handle an incident. Closing the barn door and shutting the stall doors after the horse has left is not “due diligence”.”
“Something very important to remember about regulatory requirements is that in many cases, unless you’re able to definitively identify the data that was exposed, you may have to notify on ALL data that could potentially have been exposed. So, if the database containing 6 million records was compromised, and you were not prepared for an incident, and you think that only 23,000 records were exposed…but you don’t know for sure…guess how many people you’re going to have to notify? You get three guesses, and the first two don’t count.”
“Benefits of Incident Preparedness
Compliance – with legislative and regulatory requirements
Lower overall cost – the upfront cost of doing nothing is…nothing; in the long run, however, costs mount.
Confidence – from your Board of Directors and the consumer (b/c you’re demonstrating “due diligence”)
As long as we use IT assets to conduct business, and as long as people are part of the process, there will always be a need for incident response. Incidents are always going to occur, without question. The difference today (and tomorrow) is if you’re going to be prepared for an incident…or not.”
One of my daily blogroll reads is the SANS Forensics, Investigations and Response blog – for those who are interested in Cisco Router Forensics, you can find more insight here.
