Incident Response: What Not To Do

In my ITT Tech Windows Server and security class this week, I had my students read and discuss an anonymously written article from the February and March issues of CSO magazine: “Undercover: The Company That Did Everything Wrong.”

It was written from a security consultancy’s perspective. The consultancy was brought in two days after a phishing email opened up the entire organization to a Russian hacking group. This group was using the targeted company as a live hacking demonstration at a hacker conference in St. Petersburg. Some of the lessons learned were:

  • Have an IT staff large enough to support the size, scope and mission of the company.
  • Routers, firewalls, servers all keep logs: don’t turn logging off, secure regular back-up copies, and make a habit of reviewing the logs on a somewhat regular basis.
  • Educate employees on email phishing.
  • Have an incident response plan.

It is impossible to plan for everything, but a little bit of planning can go a long way when an incident does occur.

Most of my students will handle a full range of IT functions in a small company of fewer than 100 employees. They will be tasked with everything from desktop and server configuration to switch and router ownership, from firewall and overall information security to physical security. Not a week goes by that I do not hammer home the importance of a) thorough and well-written security policies, b) a test bed for all supported systems and c) an incident response plan that is re-evaluated, updated and assessed on a regular basis.

The California company in this two-part article did everything wrong. But they were smart enough to bring in people who could assess the situation and take corrective action. Learning from our mistakes should be the common denominator for all of life’s mishaps.