Six Steps to Surviving Your First Breach


Go Beyond Compliance

Step 3: Comply with regulations, and then go further.

This may be preaching to the choir — compliance is not security — but understand that a security control that isn’t monitored is worse than no control at all. An intrusion detection system (IDS) that doesn’t have someone actively administering it and looking at the alerts is just another target for intruders to use against you (and one with significant access to all network traffic!).

Just because you’re in an industry required to keep all log data for 90 days doesn’t mean you shouldn’t store logs for longer periods. After all, log management should be part of your security solution, and security breaches don’t happen in a matter of minutes — the initial signs of intrusion and its origin may show up in logs from months ago. When you need them, you’ll be glad you kept them.

You’ve come to terms with the truth of the world; eventually, you’re going to suffer a security breach. Maybe it won’t happen this month, or this year, but as the great sage Tyler Durden so incisively observed, getting breached doesn’t determine whether or not you have a good security program in place — but how you respond to one does.

Once you accept that everything that can go wrong will do so at the worst possible time, there are things that can be done today to help rein in the trials of the future — things you can set in place to allow you to expect the unexpected.

Disabuse yourself of any notion that the work you do in network security is “protecting” the company’s assets. Your mission is to analyze how the network can be attacked, with the hope that you can control the battlefield elegantly enough to be able to respond to all attacks adequately. Network security is as much about technology as the game of chess is about little carved figures on a checkered board.

So, thinking strategically, what can be done today and what can be put aside for later? In this slideshow, AlienVault discusses six key actions you can take today to prepare your organization and help you when your executive team is breathing down your neck for answers they wanted an hour ago.

 
