When Peter Drucker produced his seminal work, “What Makes an Effective Executive,” in the Harvard Business Review (Drucker, June, 2004), he may not have been writing with cybersecurity in mind. In fact, in 2004, the cybersecurity world had only begun to appear as the many-headed beast it’s become since then. Nonetheless, this text is an excellent guide for executives about incident response and breach management.
Cybersecurity is a Team Sport: Peter Drucker on Cyber Attacks
Topics: Cybersecurity, budgeting, security incident handling
Topics: Information Security, Incident Rsponse, security incident handling, security incident response, DEF CON
Investigating and Responding to Ryuk Cyberattack in 2020
Incident Response is a series of investigative and remedial steps that a company takes in the event of a breach or other security incident. These restoration efforts can include backtracking through log data, isolating affected machines, and even negotiating with cyberterrorists!
Topics: Cybersecurity, Data Breach, Incident Response, security incident handling, security incident response
In 1974, the great Mohammed Ali said of his opponent, George Foreman, “His hands can’t hit what his eyes can’t see.” The same principle rings true in the cybersecurity world; we can't stop an attack until we know it is happening. That is why SIEM experts, like ProCircular’s Josh Resch, dedicate themselves to monitoring our clients’ networks for suspicious activity. Although each SIEM product works a little differently, they are all designed to help identify and track early signs of malicious activity on your network. A well-maintained SIEM can drastically reduce recovery time from a security incident by showing exactly where the attacker has been.
Topics: Cybersecurity, Network Security, security incident handling, SIEM, Monitoring
The best approach to security is a proactive one, but nobody is perfect. What happens when a determined attacker finds their way into your network? How do you know where they have been, what they have seen, when they got in, and how they gained access? How do you prioritize remediation and confirm that the bad guys are out of your network? Incident responders, like ProCircular's Aaron Heikkila, are at the ready to swoop down and stop the attackers in their tracks!
Topics: Cybersecurity, Information Security, Data Security, Incident Response, security incident handling, security incident response