Security News

Have you got a few of those special people who can deal quickly and efficiently with any "Incident", preventing it escalating into a full-blown crisis. The fact is you can't rely on a few heroes to keep your organization running when an incident occurs.

This article will explore why current cybersecurity incident response efforts are failing, and how a proactive, risk-based approach enables companies to reduce exposure most effectively and to maximize the return on their limited resources. Obtaining a deeper understanding of an organization's business-critical application landscape and creating a playbook focused on the assets, systems, and processes that matter most can be far more effective at overall organizational risk reduction.

Many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. Luckily, there is a template that security leads can use when presenting to management.

Huge incident response services providers have a unique view on threats and trends in computer attacks. A large 85% of incidents handled by SecureWorks in 2021 were financially oriented, while government-sponsored threat attacks only represented 5% of the activity.

The most effective way to do that is to develop the detailed steps your organization will take to respond to any security incident. Security incident response: Critical yet often forgotten.

Magnet Forensics announced the release of an IDC survey which revealed that more than half of the respondents are expecting to make major investments in digital forensics and incident response technology over the next two years to address growing cybersecurity threats. "The results of the survey are clear: Digital forensics is going to play a central role in helping enterprises protect their most valuable digital assets over the next several years," said Adam Belsher, CEO at Magnet Forensics.

As a CSIRT consultant, I cannot overemphasize the importance of effectively managing the first hour in a critical incident. The feeling of uneasiness often prevents an incident response analyst from making effective decisions.

With so many companies falling victim to cyberattacks, an entire cottage industry of Incident Response services has arisen. Recently, cybersecurity company Cynet provided an Incident Response plan Word template to help companies plan for this unfortunate occurrence.

What is an incident in the world of cybersecurity? NIST provides the following definition: "A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices." Examples of cybersecurity incident are a phishing attempt, a brute-force attack against a service the company runs and a compromise of a server. These teams also vary a lot in their staffing, the smallest CSIRTs structures being made of a couple of people, some even only being involved part-time, to structures made of dozens of employees with a capability to deal with incidents 24/7.The 6 steps to successful security incident handling.

Cyber insurance premiums are increasing and so is infosec's determination to get a slice of that pie: Cloudflare is partnering with Mandiant, Secureworks, and Crowdstrike in a "Rapid referral" partnership for under-attack companies. The move was announced today as Cloudflare claimed that insurance premiums "Have increased upwards of 50 per cent," with price hikes mainly hitting "The small and medium enterprises that find themselves as the common target for these cyber attacks."