Ten Rules for the Cyber Incident Responder

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Ten Rules for the Cyber Incident Responder-2 Next

Do no harm

Do not perform any action or cause inaction that will cause injury or endanger the life of another
human being. As a second priority, do not perform any action or cause inaction that will lead to risk of harm to animals, the environment, or property. The act of doing or not doing harm is often considered in terms of legal acceptability. While the laws of the jurisdiction are important, they may not protect all of the people all of the time.

For the past 15 years, Ryan Vela, regional director of Cybersecurity Services at General Dynamics Fidelis Cybersecurity Solutions, has been involved in cyber incident response in both the public and private sectors. While serving as follower, leader, coordinator, liaison, consultant, and advisor on countless small, medium, and large incidents, he has come to learn that there is a small set of rules that apply to every single incident response and to every single person serving as part of an incident response team. If you are a cyber incident responder, then you may know all of this already. However, he will explain why these 10 rules are necessary.

The Incident Responder’s 10 Rules

1.    Do no harm.

2.    Always act ethically.

3.    Always act and present yourself professionally.

4.    Always maintain operational security.

5.    Never release confidential information.

6.    Always take notes.

7.    Always gather and analyze all facts before reporting a conclusion.

8.    Always pursue first-hand information.

9.    Never assume you have all of the data.

10.    Do not fear the unknown.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.