Six Steps to Surviving Your First Breach


Keep a Clear Head and Stay Focused

Step 5: “When you have eliminated the impossible, whatever remains, no matter how improbable, must be the truth.” - Sherlock Holmes

The perpetrators of the crime you are investigating are just human beings — it’s unlikely they possess psychic powers, supernatural levels of intelligence, or the ability to time travel. During the investigation, you will encounter many “How did they do that?” moments. The simplest answer is usually correct. Keep a clear head and stay rational; this is not the time to take a trip down the rabbit hole. What you are trying to unravel in days, the intruder may have taken months to put together, but remember: You have the advantage of being able to work backwards to the beginning of it all.

This is the time when those checklists of things to cross-examine during more mundane investigation tasks become invaluable. Between the forensics, remediation and information gathering, your sanity will be tested; however, nothing keeps your sanity like a good list of things to reference against to know you’ve left no stone unturned, no metaphor unexplored.

You’ve come to terms with the truth of the world; eventually, you’re going to suffer a security breach. Maybe it won’t happen this month, or this year, but as the great sage Tyler Durden so incisively observed, getting breached doesn’t determine whether or not you have a good security program in place — but how you respond to one does.

Once you accept that everything that can go wrong will do so at the worst possible time, there are things that can be done today to help rein in the trials of the future — things you can set in place to allow you to expect the unexpected.

Disavow yourself of any notion that the work you do in network security is “protecting” the company’s assets. Your mission is to analyze how the network can be attacked, with the hope that you can control the battlefield elegantly enough to be able to respond to all attacks adequately. Network security is as much about technology as the game of chess is about little carved figures on a checkered board.

So, thinking strategically, what can be done today and what can be put aside for later? In this slideshow, AlienVault discusses six key actions you can take today to prepare your organization and help you when your executive team is breathing down your neck for answers they wanted an hour ago.

