Description
On this episode of CISO Tradecraft, you can learn the 10 steps to Incident Response Planning:
Establish a Cyber Incident Response Team
Develop a 24/7 Contact list for Response Personnel
Compile Key Documentation of Business-Critical Networks and Systems
Identify Response Partners and Establish Mutual Assistance Agreements
Develop Technical Response Procedures for Incident Handling that your team can follow:
External Media - An alert identifies someone plugged in a removable USB or external device
Attrition - An alert identifies brute force techniques to compromise systems, networks, or applications. (Examples Attackers trying thousands of passwords on login pages)
Web - A Web Application Firewall alert shows attacks carried out against your website or web-based application
Email - A user reports phishing attacks with a malicious link or attachment
Impersonation - An attack that inserts malicious processes into something benign (example Rogue Access Point found on company property)
Improper Usage - Attack stemming from user violation of the IT policies. (Example employee installs file sharing software on a company laptop)
Physical Loss- Loss or theft of a physical device (Example employee loses their luggage containing a company laptop)
Classify the Severity of the Cyber Incident
Develop Strategic Communication Procedures
Develop Legal Response Procedures
Obtain CEO or Senior Executive Buy-In and Sign-off
Exercise the Plan, Train Staff, and Update the Plan Regularly
To learn more about Incident Response Planning, CISO Tradecraft recommends reading this helpful document from the American Public Power Association
If you would like to automate security reviews of infrastructure-as-code, then please check out Indeni CloudRail Link
This episode of CISO Tradecraft features a comprehensive discussion between host G Mark Hardy and guest Rafeeq Rehman, centered around the evolving role of CISOs, the impact of Generative AI, and strategies for effective cybersecurity leadership. Rafeeq shares insights on the CISO Mind Map, a...
Published 04/15/24
In this episode of CISO Tradecraft, host G Mark Hardy welcomes Alex Dorr to discuss Reality-Based Leadership and its impact on reducing workplace drama and enhancing productivity. Alex shares his journey from professional basketball to becoming an evangelist of reality-based leadership, revealing...
Published 04/08/24