The Blog

Rapid Reaction: Incident handling process overview

This is the third article in a series that aims to help organisations build and maintain their information security incident management and response capability.

Before getting “into the weeds” of an incident handling process, it is useful to have a bird’s eye view of what it looks like. In this article I will provide you with an overview of the process and a brief description of each of the process steps. While incident handling is widely perceived to be a technical process, only some of its steps require technical knowledge. In reality, a lot of incidents do not require any technical knowledge to handle them, for example incidents that relate to policy violations, physical security breaches, loss of computing devices, etc.

Rapid Reaction: What is a security incident?

This is the second article in a series that aims to help organisations build and maintain their information security incident management and response capability.

In the previous article I introduced the issue of the general deficiency of effective incident management and response processes in many organisations. But what is a security incident? The short answer is: it depends! It is up to each organisation to define what kinds of events it determines to be a security incident.



Going to Microsoft’s Ignite 2016 Conference? Check out Chris’s session

For those folks heading up to Microsoft’s Ignite session in Auckland from the 25th October, check out Chris’ session on Thursday 27th – “A practical approach to security in the cloud”.
As a teaser this is the abstract for the session: “Is your organisation or the one that you look after looking to take advantage of the benefits that cloud computing offers? Are you unsure how to address security in the cloud? Are you overwhelmed by the volume of contradictory advice and guidance? Do you need a practical approach to managing security risks when migrating to the cloud? If you answered “YES!” to any or all of these, then this is the session for you! You’ll leave this presentation with some real-world practical techniques for clearing both real and perceived security roadblocks to moving your organisation to the cloud.”

Enjoy!

Rapid Reaction: A Series on Incident Management and Response

This is the first in a series of articles that aim to help organisations build and maintain their information security incident management and response capability.

With the exception of a few organisations, it seems that the effort put into establishing an information security incident management and response capability is limited to developing a documented process. Most do the bare minimum required to tick the “has an incident response process” box, with little to no regard for how effective the process is. That’s why very few organisations actually detect information security (or cyber security if you prefer) incidents in a timely manner, and fewer still are able to handle and resolve them in an efficient and effective way to minimise the impact.


Chris to present at COSAC 2016

Chris will be presenting two sessions at COSAC 2016, held in Ireland from 2 – 6 October 2016. The following provides a synopsis of his sessions; visit the COSAC website for more information and the full conference schedule.

Who cares about unique identifiers?

Almost everyone has been on the receiving end of a request to provide photo identification (most commonly a driver’s licence or a passport) when applying for a bank account, or purchasing a new mobile phone, or some similar account-based transaction. The person making the request typically either writes down the details of the document or photocopies it. But there is one piece of information that should not be captured unless there is a legitimate reason to – the unique identifier.