Ten Rules for the Cyber Incident Responder

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Ten Rules for the Cyber Incident Responder-8 Next

Always gather and analyze all facts before reporting a conclusion

Obtain as much data as possible when performing analysis. Analyze all data as thoroughly as possible before reporting a conclusion or expert opinion. When reporting a conclusion with partial data or analysis, then caveat the report appropriately to state that not all data was gathered or not all analysis was completed.

For the past 15 years, Ryan Vela, regional director of Cybersecurity Services at General Dynamics Fidelis Cybersecurity Solutions, has been involved in cyber incident response in both the public and private sectors. While serving as follower, leader, coordinator, liaison, consultant, and advisor on countless small, medium, and large incidents, he has come to learn that there is a small set of rules that apply to every single incident response and to every single person serving as part of an incident response team. If you are a cyber incident responder, then you may know all of this already. However, he will explain why these 10 rules are necessary.

The Incident Responder’s 10 Rules

1.    Do no harm.

2.    Always act ethically.

3.    Always act and present yourself professionally.

4.    Always maintain operational security.

5.    Never release confidential information.

6.    Always take notes.

7.    Always gather and analyze all facts before reporting a conclusion.

8.    Always pursue first-hand information.

9.    Never assume you have all of the data.

10.    Do not fear the unknown.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.