Use your computer fearlessly.

Mission Services Articles Research

business: response

Incident Response to Data Breach, Part 7: Evolution

by Brent Kirkpatrick

(Date Published: . Revised: 5/2/2018.)

Evolve your response to cybersecurity incidents.

Cyber-intrusions and breaches happen. As your company recovers from one intrusion, you are susceptible to others. It is crucial to learn from previous intrusions.

The number of people who become involved in breach response scales according to the magnitude of the breach. If necessary your legal and PR teams should become involved. They can help with documentation, notification, and customer response to the breach.

As more people in your company become involved in breach response, coordination is crucial. Avoid using hacked communication methods. The last thing you need is fraud that disrupts the coordination of breach response.

cofee cup, pen, and paper reading Evolution

Strategy during a breach response involves simple elements that can be combined in unique ways to throw the hackers off-balance. These elements include as the announcement of breach details, rebooting computers, re-installing operating systems, and upgrading software.

Recovery from breach requires blocking intrusion routes which may include both people and technology. Clients of the company must also recover from the breach.

Investigation is properly done after the recovery. The chain of custody of evidence must be preserved. Secured computers are required for collecting and analyzing evidence.

During all of this, a company must evolve its response to be better than the last time. Each time a company is hacked it should learn and improve its response, otherwise it may be re-compromised quickly.

Clean-Up (TM). Incident response driven by data.

Business Articles:

Incident Response, Part 1: Planning
Incident Response, Part 2: Response
Incident Response, Part 3: Coordination
Incident Response, Part 4: Strategy
Incident Response, Part 5: Recovery
Incident Response, Part 6: Investigation
Incident Response, Part 7: Evolution

Cascading Data Breaches
Incident Response Plan
Why Clean-Up Hacking?
Rapid Containment of Intrusions

What Is New? | Contact | Tips

© 2015-2021 Intrepid Net Computing. All rights reserved.