49 min listen
2021-030-incident response, business goal alignment, showing value in IR -p2
2021-030-incident response, business goal alignment, showing value in IR -p2
ratings:
Length:
46 minutes
Released:
Aug 22, 2021
Format:
Podcast episode
Description
https://blog.teamascend.com/6-phases-of-incident-response https://www.securitymetrics.com/blog/6-phases-incident-response-plan Recent vulnerabilities got Bryan thinking about incident response. Are organizations speedy enough to keep up? If the spate of vulns continue, what can we do to ensure we are dealing with the most important issues? How do we communicate those issues to management? How should we handle the workload? Testing of your IR costs money, do you have budget for that? (verodin, red-team) Restoring backups, extra VPC or azure environment Incidents occur You have to minimize issues, right? But is there a good way of doing that? Simplify your environment? Spend time working on the CIS 20? You gotta plan for that and show value vs effort. Incident response is an ever changing landscape. What is the goal of IR? Minimize damage Identify affected systems Recover gracefully and quickly? Does your environment allow for quick recovery? What does ‘return to normal’ look like? The goal of business Make money Incidents should just be considered part of doing business (risks) The more popular, the more likely the attack Incident timeframe = criteria for getting back to normal. PICERL is a cycle, and one of continual improvement. Incident response is not ‘one and done’.
Released:
Aug 22, 2021
Format:
Podcast episode
Titles in the series (100)
2020-016-Cameron Smith, Business decisions and their (in)secure outcomes - Part 1: Layer8conference is virtual (https://layer8conference.com/layer-8-is-online-this-year/) CMMC: - Project+ Cameron’s Smith = Cybersmith.com - Up by 14 April “There is nothing noble in being superior to... by BrakeSec Education Podcast