Today, organizations are overwhelmed with the volume, variety and complexity of cyber attacks. They are equally overwhelmed with the variety and complexity of cyber security solutions, particularly the overlapping capabilities offered by vendors with a "me too" attitude. This is flagrantly evident with "incident response tools;" every vendor wants to be their customer's incident response solution.
The cybersecurity incident response cannot be a simple extension or an after-thought. It's a discipline that organizations have tried to hone in on since the first malware was discovered, and it requires a thoughtful, evolutionary and comprehensive approach commensurate with the changing cyber threat landscape. Any tool that purports to be an incident response tool must seamlessly integrate with an organization's incident response strategy, the core of which includes an incident response policy, plan, procedures and service levels. Collectively, this is called the incident response program.
Regardless of the size of an enterprise or its industry, organizations must create and implement an incident response program to effectively and confidently respond to the current and emerging cyber threats. More often than not, companies make simple mistakes in developing and implementing these programs largely because they are focused on the day-to-day, versus a comprehensive strategy to combat persistent cyber threats. Ken Silva, president of cyber strategy at ManTech Cyber Solutions, offers seven key elements required to establish a robust, evolutionary and durable incident response program that delivers results.
While funding and awareness have increased, it is unclear if organizations are making investments that keep up with the evolving security landscape. ... More >>
MSSPs are at an exciting point where market acceptance, awareness and demand have converged. However, excitement and the prospect of profits can create haste, and with haste comes an increased risk of mistakes. ... More >>
HR departments are faced with unique security challenges - securing the flow of PII as well as sharing policies and inter-office communications. ... More >>