Security News

The big story from last month was the LastPass breach, in which an attacker apparently got access to just one part of the LastPass network, but was able to make off with the company's proprietary source code. LastPass has now published an official follow-up report on the incident, based on what it has been able to figure out about the attack and the attackers in the aftermath of the intrusion.

Today's harsh reality is that incident response based on manual efforts is no longer successful for security teams. Staying on top of thousands of daily security alerts is exhausting and is nearly impossible to assess manually, especially for security analysts experiencing alert fatigue, and becoming numb to the endless alerts that come in on a daily basis.

Incident response in the cloud is far simpler than on-premises incident response. There is a catch, though: All the tools you need to do IR reside in the platform of your favorite cloud providers and SaaS products, so you need to do some initial setup to be prepared for an incident.

In this Help Net Security video, Neal Bridges, CISO at Query.ai, talks about the rules organizations need to think about if they way to develop successful incident response (IR) plans. The post...

Have you got a few of those special people who can deal quickly and efficiently with any "Incident", preventing it escalating into a full-blown crisis. The fact is you can't rely on a few heroes to keep your organization running when an incident occurs.

This article will explore why current cybersecurity incident response efforts are failing, and how a proactive, risk-based approach enables companies to reduce exposure most effectively and to maximize the return on their limited resources. Obtaining a deeper understanding of an organization's business-critical application landscape and creating a playbook focused on the assets, systems, and processes that matter most can be far more effective at overall organizational risk reduction.

Many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. Luckily, there is a template that security leads can use when presenting to management.

Huge incident response services providers have a unique view on threats and trends in computer attacks. A large 85% of incidents handled by SecureWorks in 2021 were financially oriented, while government-sponsored threat attacks only represented 5% of the activity.

The most effective way to do that is to develop the detailed steps your organization will take to respond to any security incident. Security incident response: Critical yet often forgotten.

Magnet Forensics announced the release of an IDC survey which revealed that more than half of the respondents are expecting to make major investments in digital forensics and incident response technology over the next two years to address growing cybersecurity threats. "The results of the survey are clear: Digital forensics is going to play a central role in helping enterprises protect their most valuable digital assets over the next several years," said Adam Belsher, CEO at Magnet Forensics.