Six Steps to Surviving Your First Breach

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Six Steps to Surviving Your First Breach-4 Next

Go Beyond Compliance

Step 3: Comply with regulations, and then go further.

This may be preaching to the choir — compliance is not security — but understand that a security control that isn’t monitored is worse than no control at all. An intrusion detection system (IDS) that doesn’t have someone actively administrating it and looking at the alerts is just another target for intruders to use against you (and one with significant access to all network traffic!).

Just because you’re in an industry required to keep all log data for 90 days doesn’t mean you shouldn’t store logs for longer periods. After all, log management should be part of your security solution, and security breaches don’t happen in a matter of minutes — the initial signs of intrusion and its origin may show up in logs from months ago. When you need them, you’ll be glad you kept them.

You’ve come to terms with the truth of the world; eventually, you’re going to suffer a security breach. Maybe it won’t happen this month, or this year, but as the great sage Tyler Durden so incisively observed, getting breached doesn’t determine whether or not you have a good security program in place — but how you respond to one does.

Once you accept that everything that can go wrong will do so at the worst possible time, there are things that can be done today to help rein in the trials of the future — things you can set in place to allow you to expect the unexpected.

Disavow yourself of any notion that the work you do in network security is “protecting” the company’s assets. Your mission is to analyze how the network can be attacked, with the hope that you can control the battlefield elegantly enough to be able to respond to all attacks adequately. Network security is as much about technology as the game of chess is about little carved figures on a checkered board.

 So, thinking strategically, what can be done today and what can be put aside for later? In this slideshow, AlienVault discuss six key actions you can take today to prepare your organization and help you when your executive team is breathing down your neck for answers they wanted an hour ago.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.