Tag: incident management

Cyber firms need to centre their own resilience

nielharper

I recently authored a piece for the ComputerWeekly.com Security Think Tank discussing incident response in the wake of the July CrowdStrike incident, and articulating my viewpoint about what CrowdStrike got wrong, what it did right, and next steps

“Information security is essentially an information risk management discipline. By rendering many information systems inoperable, the global outage precipitated by Crowdstrike prevented several companies from accessing critical business information due to unplanned and extended downtime.

The unavailability was not only to information systems, but also to related information processing. It was not only an information risk event, but it was also an information security incident. And the impact of the risk event/information security incident was high from operational, financial, reputation, legal, technological and even regulatory perspectives.”

The full article can be found at this link.

Will your incident response team fight or freeze when a cyberattack hits?

nielharper

“CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.”

The tendency for cyber professionals to freeze during incident response – especially those that have never actually experienced a cyber attack – is more prevalent than one would think. This occurs even in organizations that have well-drilled security awareness training, detailed incident playbooks, cyber-attack simulations, and red team exercises.

In this CSO Online article, myself and other security leaders discuss how to best prepare our teams and organisations to overcome the fear and freezing when faced with a real-time cyber-attack.