Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

Risk

2/2/2017
09:00 AM
Terry Sweeney
Terry Sweeney
Slideshows
Connect Directly
Facebook
Twitter
RSS
E-Mail
4 comments
Comment Now

10 Essential Elements For Your Incident-Response Plan

The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.
2 of 10

Test Your Plan Regularly Great! You've got your incident response plan nailed down, now make sure you test it at least once a year. Mark Weatherford, chief cyber security strategist for security vendor vArmour, suggests working with an independent third-party the first time you test in order to see the necessary elements and criteria. The drill can last two hours or may require a full day. But by walking everyone through a specific scenario, people start to understand their own roles and identify any gaps in the plan. 'Things never work like clockwork, but if you have a chain of command - and communications - it will help a lot,' Weatherford adds. And Check With Your Attorneys. Depending on your industry sector or jurisdiction, the company may be subject to compliance laws that require you to test your readiness regularly. Image Source: Wikimedia Commons, courtesy of Cpl. Matthew Manning

Test Your Plan Regularly

Great! You've got your incident response plan nailed down, now make sure you test it at least once a year. Mark Weatherford, chief cyber security strategist for security vendor vArmour, suggests working with an independent third-party the first time you test in order to see the necessary elements and criteria. The drill can last two hours or may require a full day. But by walking everyone through a specific scenario, people start to understand their own roles and identify any gaps in the plan. "Things never work like clockwork, but if you have a chain of command – and communications – it will help a lot," Weatherford adds.

And Check With Your Attorneys.

Depending on your industry sector or jurisdiction, the company may be subject to compliance laws that require you to test your readiness regularly.

Image Source: Wikimedia Commons, courtesy of Cpl. Matthew Manning

2 of 10
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
neiljakson105
50%
50%
neiljakson105,
 User Rank: Guru
12/11/2017 | 10:57:57 PM
Re: Your post
The good thing about your story is that you give the information about how you can be a loyal and real helper of the people. I know being a good person you want to deliver the good information. I totally love this information that you share in this article   
Dissertation writing services
Cecial
50%
50%
Cecial,
 User Rank: Apprentice
6/15/2017 | 2:33:59 PM
Your post
Your post left a lasting and deep impact on me. Your details were extremely convincing and you operated with verified facts regarding this type of vital issue. Everything was clarified by you. It seems like an argumentative essay from <a href="https://paperspanda.com/">paperspanda.com</a> Of a top quality.
KenBown
50%
50%
KenBown,
 User Rank: Apprentice
2/17/2017 | 8:49:07 AM
Re: dissertation writing service
I totally agree with you Joe. Great tip!
Joe Stanganelli
50%
50%
Joe Stanganelli,
 User Rank: Ninja
2/6/2017 | 4:43:29 PM
Re: Step #11
@jmyerson: Indeed.  On the one hand, this is what the cloud is for.  On the other hand, the cloud brings with it its own inherent vulnerability and security issues -- and, regardless, you'll still need an IT "command post"/"HQ", so to speak.
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-0218
PUBLISHED: 2019-04-22
A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.
CVE-2019-11383
PUBLISHED: 2019-04-22
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
CVE-2019-11459
PUBLISHED: 2019-04-22
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
CVE-2019-11460
PUBLISHED: 2019-04-22
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's control...
CVE-2019-8452
PUBLISHED: 2019-04-22
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains t...