Five Mistakes of Incident Response

Contributed by Dr. Anton Chuvakin
All organizations have to care about security incident response! Unlike detection and prevention, the response is impossible to avoid. While it is not uncommon for the organizations to have weak prevention and detection capabilities, response will have to be there since the organization will often be forced into response mode by the attackers (be it the internal abuser, omnipresent ‘script kiddy’ or the elusive ‘uber-hacker’). The organization will likely be made to respond in some way after the incident has occurred.
This article presents five mistakes that companies make regarding security incident response.
This document is in PDF format. To view it click here.
Breaking out of Prison is easier than you think
Understanding Phishing and Protecting the 8th Layer
The Journey from Unmanaged to a Managed Risk Management Program
Responsibilities and Considerations in Secrets Management