An eagle-eyed Security Incident Response Team: Here’s what it takes - PowerPoint PPT Presentation

Transcript and Presenter's Notes

1
An eagle-eyed Security Incident Response Team
Here’s what it takes

Few organizations really understand their readiness quotient when it comes to responding to a cyber security attack, partly because they miscalculate the gravity and partly because of the amorphous dimensions of the term ‘incident’. In general security parlance, any event that affects CIA (Confidentiality, Integrity and Availability) can be called an incident. However, defining the term within the context of your operations requires infallible perception and situational awareness. Without precise identification of the source of a breach, its intent, impact, and entry point, organizations cannot effectively pair an incident response plan with the level of support and threat management capability it requires.

There is a noticeable upward trend in the adoption of incident response planning, but merely having guidelines has proven persistently ineffective. A recent study by Ponemon Institute indicated that though 73% of Fortune 500 companies have developed IR plans, about 68% of them feel they aren’t yet ready to handle a data breach and wouldn’t know what steps to take to control the impact. The reality of the situation, apparently, is that many organizations aren’t yet equipped with the right staff to venture into the preparation phase with the forward-planning exigency it requires.

Negligibly few companies, whom I would call the 1%, are equipped with an IT team that can double up as incident handlers with the kind of knowledge gained from day after day of dealing with a wide range of incidents. The others, who form the majority, have the option to involve a dedicated incident response team with battlefield experience.

The role of Managed Security in Preparation, Response and Follow-up of a Security Incident

Organizations working with managed security operations teams are realizing the transformational benefits of objective assessment and extensive threat intelligence: the best of both worlds.
2
1. Preparation: Continuous Threat Analytics for a strong base of operations

Preparation depends entirely on how well people, process, technologies and information are brought together. This stage involves asset risk prioritization and establishing baselines to provide direction and scope for the entire workflow. Thus, in a sense, the security operations team is continuously preparing your foundation for incident response with its round-the-clock scrutiny and dissection of events and alarms.
3
2. Response: Rapid diagnosis using Intrusion Forensics

Because how you would dodge a bullet is not the same way you would escape a grenade blast. Forensic capabilities are hard to come by and are extremely useful in quickly comprehending what data has been exfiltrated and what resources have been compromised in the process. Seasoned incident handlers know that this is the worst time for panic and carry out systematic problem solving.
4
  • Resuscitative Containment is undertaken to neutralize threats in critical systems to help keep them in production while a clean backup is getting ready.

3. Follow-up: Corroborative security policy reviews, logs, checklists and surveys

End goals:
  • Validating every restoration and recovery task/policy change for efficacy.
  • Improving security controls and security awareness across the organization.
  • Asserting how close the organization has come to preventing reoccurrence of an incident.
  • Ensuring that realistic goals are set and achieved.

Every event encountered contributes to the knowledge pool that is used in adjusting rules, policies and frameworks. Analysts prepare reports for a range of purposes, but the most valuable reports are those that chronicle the entire incident summary and answer all questions pertaining to it.

Aleph Tav Technologies is helping organizations discover simplified threat management with a flexible and adaptive security operations team. Explore ways to build a robust response team with our managed security solution. Visit alephtavtech.com for more.

Our services include Ethical Hacking, Managed Security Services, Application Security, Network Security, Security Testing, Enterprise Security, Security for IoT, SCADA Security, Digital Forensics.