cyber incident response team (CIRT)

People, Process and Technology: The Incident Response Trifecta

Posted on January 19, 2023 by George Platsis

Let’s say you are the CISO or IT security lead of your organization, and your incident response program needs an uplift. After making a compelling business case to management for investment, your budget has been approved and expanded. With your newfound wealth, you focus on acquiring technology that will improve your monitoring, detection and analysis […]

The post People, Process and Technology: The Incident Response Trifecta appeared first on Security Intelligence.

Continue reading People, Process and Technology: The Incident Response Trifecta→

Outrageous Stories From Three Cyber Incident Responders

Posted on December 30, 2022 by Mark Stone

Working in cyber incident response can certainly make life interesting. Experiences typically run the gamut from exciting, dull, fun, repetitive and challenging. IBM Security commissioned a study from Morning Consult that surveyed over 1,100 cybersecurity incident responders across ten countries. Unsurprisingly, over two-thirds of respondents experienced daily stress or anxiety due to the pressures of […]

The post Outrageous Stories From Three Cyber Incident Responders appeared first on Security Intelligence.

Continue reading Outrageous Stories From Three Cyber Incident Responders→

A Day in the Life: Working in Cyber Incident Response

Posted on October 25, 2022 by George Platsis

As a cybersecurity incident responder, your life can go from zero to 100 in a heartbeat. One moment you are sipping a beverage reading the latest threat intelligence or getting the kids ready for bed; the next, you may be lunging for your “go bag” because you cannot remote in to the breached system. It’s […]

The post A Day in the Life: Working in Cyber Incident Response appeared first on Security Intelligence.

Continue reading A Day in the Life: Working in Cyber Incident Response→

What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study

Posted on October 24, 2022 by John Dwyer

Cyberattacks seldom happen when it’s convenient. In fact, it’s relatively common for them to occur on weekends or holidays — threat actors capitalize on the fact that there is fewer staff on site, and those who are there are focused on the coming weekend or time off. It’s also not uncommon for attacks of this […]

The post What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study appeared first on Security Intelligence.

Continue reading What Drives Incident Responders: Key Findings from the 2022 Incident Responder Study→

To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You

Posted on October 3, 2022 by Laurance Dine

Over the course of two decades, I’ve seen Incident Response (IR) take on many forms. Cybercrime’s evolution has pulled the nature of IR along with it — shifts in cybercriminals’ tactics and motives have been constant. Even the cybercriminal psyche has completely rebirthed, with more collaboration amongst gangs and fully established ransomware enterprises running. When […]

The post To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You appeared first on Security Intelligence.

Continue reading To Cybersecurity Incident Responders Holding the Digital Front Line, We Salute You→

The Ransomware Playbook Mistakes That Can Cost You Millions

Posted on August 24, 2022 by Limor Kessem

If there is one type of cyberattack that can drain the color from any security leader’s face, it’s ransomware. A crippling, disruptive, and expensive attack to recover from, with final costs rarely being easy to foretell. Already a prevalent threat, the number of ransomware attacks rose during the pandemic and nearly doubled in the year […]

The post The Ransomware Playbook Mistakes That Can Cost You Millions appeared first on Security Intelligence.

Continue reading The Ransomware Playbook Mistakes That Can Cost You Millions→

What to Do When a Ransomware Group Disappears

Posted on December 8, 2021 by Jeff Gamet

It’s your company’s worst nightmare: attackers managed to sneak ransomware onto your servers. Now, you’re locked out of every file unless you agree to pay whatever price they’re asking. As if the situation couldn’t get any worse, the attackers disappear without a trace and you can’t even pay their ransom to unlock your files. What […]

The post What to Do When a Ransomware Group Disappears appeared first on Security Intelligence.

Continue reading What to Do When a Ransomware Group Disappears→

Technical Problem or Cyber Crime? How to Tell the Difference

Posted on December 3, 2021 by Jonathan Reed

As soon as the Oct. 4 Facebook mega outage took place, questions about the cause ran rampant. Was it a cyber crime or a technical glitch?? Who was at fault? The outage reportedly resulted in the loss of some $60 to $100 million dollars of revenue, and Facebook’s stock plunged 4.9% on the same day. […]

The post Technical Problem or Cyber Crime? How to Tell the Difference appeared first on Security Intelligence.

Continue reading Technical Problem or Cyber Crime? How to Tell the Difference→

Deciphering Between Incident Management and Crisis Management

Posted on July 16, 2020 by NewsCred System

Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage cyber events at different organizational levels to limit their damage and accelerate recovery. Most businesses focus on incident management or crisis management to react to cyber […]

The post Deciphering Between Incident Management and Crisis Management appeared first on Security Intelligence.

Continue reading Deciphering Between Incident Management and Crisis Management→