Incident Response News, Articles and Updates

Flawed code-signing process could let malware appear as Apple-approved

Developers & vendors of numerous third-party security, forensics & incident response products for Mac computers have started issuing patches after researchers realised their software wasn't interacting with Apple's code-signing API.

London Police launch Cyber Griffin initiative for Square Mile firms

City of London Police recently launched a new initiative to offer threat briefings, incident response training, and other guidance to businesses located in London's Square Mile to help them secure themselves better from cyber-threats.

ICANN struggles to make WHOIS GDPR compliant without increasing cyber-crime

On 25 May the General Data Protection Regulation (GDPR) will come into effect, and could make the job of incident response a whole lot harder for security researchers.

Enter boardroom, set hair on fire. How not to tackle incident response

Event anomalies can be an indicator of attack, but they can also just be an IT problem. New research suggests the latter might be more common than you think.

The key to IT resiliency: security and disaster recovery working together

Truly resilient IT plans combine security and recovery: in the event an attack does infiltrate the firewall, it is critical that organisations have a plan that allows for rapid recovery and a return to business operations as usual as quickly as possible.

Lessons from the Equifax breach - take a data-centric approach

Data on the endpoint did for Equifax, which is why, among other lessons learnt from the recent breach, visibility is a priority, says Rick McElroy.

NIST guidelines for ransomware recovery - situational awareness vital

The US NCCoE at the NIST along with vendors and businesses within the cyber-security community teamed up to develop a recovery guide for firms hit with ransomware attacks.

Firms struggling to get back to business after NotPetya struck

AP Moller-Maersk, WPP, Reckitt Benckiser and FedEx are struggling to resume normal operations following the NotPetya ransomware attack.

Opinion: Why wasn't Tesco Bank prepared for the scale of this attack?

With a reported 20,000 customers losing money over the weekend, Tesco Bank appears to be struggling to deal with the volume of customers demanding their money back. Should Tesco have been better prepared?

Breaches happen - the key is being prepared

Rory Duncan argues that companies need to invest not only in detective and defensive controls, but also in the ability to take action when an attack is occurring.

Digital Forensics leads the fight against cyber-crime

Andrew Sheldon discusses how there is considerable danger in allowing digital forensic triage to be carried out in haste or in ignorance.

Fighting new cyber-threats the 'old-fashioned' way doesn't work

Shai Morag discusses the importance of endpoint visibility for a large organisation, what stands in the way of organisations maturing their endpoint visibility and ways technology can help ascertain this essential missing piece of the incident response puzzle.

InfoSec 2016: 3/4 experts agree working together crucial to incident response

A group of industry experts joined a panel to discuss enterprise-wide cyber-incident response plans and proactive techniques for a rapid response, and three of the four panellists agreed it's all about the people.

Resilience in the mid-market: Improving incident response capabilities of mid-sized organisations

In today's cyber-threat landscape, the importance of incident response (IR) as a critical priority is fast gaining traction among the security community says John Bruce.

Most organisations unprepared for cyber-security incidents

Roughly 77 percent of organisations are unprepared for cyber-security incidents according to research by NTT Com in its 2016 Global Threat Intelligence Report.

Security training — luck is all about practice

When it comes to cyber-security, almost half of organisations rely on luck to get them through a cyber-attack, says Bethany Mayer.

Are you cyber resilient?

Haroon Malik describes how CISOs can develop a cyber-security resilience strategy by having a clear vision of where they are going and what needs to be done.