One of our most popular blog posts covers the skills and qualifications required to be a successful penetration tester, so we decided to follow up with a similar post outlining the skills and qualifications incident response professionals need. It’s a commonly known fact that cyber security is a growing industry and organizations are always looking for new talent. Incident… Read More
Do your spring-cleaning plans call for refreshing and improving your cyber security incident response plan (CSIRP)? If so, that means your organization has a CSIRP – and hats off to you, because you’re in the minority. As much talk as there is in cyber security circles and conferences about developing and improving incident response (IR) plans,… Read More
For many organizations, cyber security program and cyber security incident response plans (CSIRPs) also need to consider industrial control systems (ICS) when we look at the protection of critical services. Most often our discussions about Cyber Security Incident Response Plans (CSIRP) are focused on data security incidents. We know that across all industries, data contained in information… Read More
I have spent the most notable years of my career helping organizations improve their cyber security incident response plans. To do this effectively, we dive in, ask questions, consider scenarios, look at contingencies, and identify gaps. It has personally been very rewarding for me because planning is in my core – I rarely fly by the seat of my pants, and usually have multiple back up plans. But on August 25, 2017, I was blindsided by Hurricane Harvey.
Last week, Delta Risk hosted a webinar on the topic of “Data Breach Survival Tactics: Building Incident Response Actionable Response Plans.” Delta Risk Solutions Expert, Stephanie Ewing, and Managing Consultant, Ryan Clancy, were the presenters for this live broadcast (view the on-demand version). In response to the poll questions, “Do you have an incident response plan,”… Read More
It can be hard to plan for a security incident if you’ve never experienced one first hand. Incidents involve unauthorized access, denial of service, presence of malicious logic, and improper usage. As an incident responder, I’ve seen plenty of these situations play out. I was fortunate to share some of my experiences and lessons with… Read More