https://www.embertechnology.com https://www.embertechnology.com/building-an-incident-response-plan We know a solid Incident Recovery Plan is essential. How do you begin to build one? <div data-rss-type="text"> <h3> <span> You know your organization needs an Incident Response Plan.  Where do you begin? </span> </h3> </div> <div data-rss-type="text"> <p> <span>   </span> <span> National Institute of Standards and Technology (NIST’s) Computer Security Incident Handling Guide provides a framework: </span> </p> <ul> <li> <span> Preparation </span> </li> <li> <span> Identification </span> </li> <li> <span> Containment </span> </li> <li> <span> Eradication </span> </li> <li> <span> Recovery </span> </li> <li> <span> Lessons Learned </span> </li> </ul> <p> <span>   </span> </p> <p> <span> Let's discuss this further. </span> </p> <p> <span> <br/> </span> </p> <p> <span> Preparation: </span> <span> <span> Preparing and protecting support your incident response capability.  Preparation involves being aware of your cybersecurity defenses and weaknesses, and becoming as secure as possible before anything goes wrong. Preparation also involves figuring out what to do when something does go bad. These processes involve putting staff, technologies, policies and procedures in place. If we had a map, there'd be a red X on it, saying "You are here". </span> </span> </p> <p> <span> <br/> </span> </p> <p> <span> Identification, Containment, and Recovery: </span> <span> <span> these are sequential, and come into play as soon as a threat is detected. </span> </span> </p> <p> <span> Your plan needs to set out: </span> </p> <ul> <li> <span> WHO is responsible for each of these steps? </span> </li> <li> <span> HOW things should to be handled? (i.e. in the case of ransomware, do you pay it or not?) </span> </li> <li> <span> WHO needs to be notified, when, and how often? (Customers? The FBI? Local Police? What legal obligations do you have?) </span> </li> <li> <span> WHAT do you do to keep operations going in the meantime? </span> </li> </ul> <p> <span> As far as the actual business of identifying the threat, containing the damage, neutralizing the threat, and beginning recovery, the WHO you have previously designated as responsible should be responsive, competent, and knowledgeable about how to accomplish those tasks. </span> </p> <p> <br/> </p> <p> <span> Lessons Learned: </span> <span> <span> If there can be anything gained from a cybersecurity incident, is that it shines a light on where the cracks in the armor are.  Use what was learned to be better prepared, to make better choices in your policies and processes, and to patch those cracks so it doesn't happen again.  <br/> </span> </span> </p> </div> <div data-rss-type="text"> <p> <span> <span> Hey, my name is Tariq Azmi! </span> </span> </p> <p> <span> Listening to the challenges companies are facing challenges me to find solutions that fit their environment. </span> </p> <p> <span> <span> I am passionate about data security and compliance. </span> </span> </p> <p> <span> Let's chat! I'd love to hear from you. </span> </p> </div> Mon, 22 Jan 2024 19:24:52 GMT https://www.embertechnology.com/building-an-incident-response-plan Incident Response thumbnail main image https://www.embertechnology.com/benefits-incident-response-plan An incident is going to happen sometime. Being prepared makes all the difference. <div data-rss-type="text"> <h3> <span> Cybersecurity Incidents happen. When they do, will you be ready? </span> </h3> </div> <div data-rss-type="text"> <p> <span> <span>  A delayed response means that the malicious agent within an organization’s networks and systems can have a more severe impact. </span> </span> </p> <p> <br/> </p> <p> <span> A delayed response enables the agent to gather more sensitive data or infect more systems with malware, etc. </span> </p> <p> <span> For most organizations, suffering a cyberattack is not a matter of “if” – it is a matter of “when.” Today’s hackers have more technology and are more persistent than ever before; and they have been rapidly evolving methods that allow them to circumvent even the most sophisticated preventative measures. </span> </p> <p> <br/> </p> <p> <span> It pays to follow the Scout motto: “Be Prepared” </span> </p> <p> <span> <br/> </span> </p> </div> <div data-rss-type="text"> <p> <span> <span> Hey, my name is Tariq Azmi! </span> </span> </p> <p> <span> Listening to the challenges companies are facing challenges me to find solutions that fit their environment. </span> </p> <p> <span> <span> I am passionate about data security and compliance. </span> </span> </p> <p> <span> Let's chat! I'd love to hear from you. </span> </p> </div> Mon, 15 Jan 2024 19:24:42 GMT https://www.embertechnology.com/benefits-incident-response-plan Incident Response thumbnail main image https://www.embertechnology.com/holiday-parties-and-security-culture How building a healthy Security Culture is a lot like building a healthier lifestyle. <div data-rss-type="text"> <h3> <span> Take a walk with me on a journey we are all familiar w <span>  </span> ith - and might be on right now... </span> </h3> </div> <div data-rss-type="text"> <p> <span> Hey, my name is Tariq Azmi! </span> <span> <span> </span> </span> </p> <p> <span> Listening to the challenges companies are facing challenges me to find solutions that fit their environment. </span> </p> <p> <span> I am passionate about data security and compliance. </span> <span> <span> </span> </span> </p> <p> <span> Let's chat! I'd love to hear from you. </span> </p> </div> Mon, 08 Jan 2024 19:24:15 GMT https://www.embertechnology.com/holiday-parties-and-security-culture Security Culture thumbnail main image