Incident Response


November 10, 2009  6:06 PM

Things You Can Do To Help An Investigation, Part II

Posted by: Arian Eigen Heald
Data Breaches, Digital Forensics, Incident Response, information security

In a previous column, I talked about the importance of locking up a computer and not continuing to use it after it has been compromised, or the fraudster was fired. This works in a lot...

August 7, 2009  3:47 PM

Things NOT to Do When You’ve Been Hacked, Part II

Posted by: Arian Eigen Heald
"How Do You Know?", Adventures in Auditing, Data Breaches, Incident Response, information security

I finally asked that deadly question: "What do your Incident Response Procedures say?" Whoops, there goes all the buddy-buddy geekiness: I have morphed into The Auditor Who Asks Questions. "Umm, well, they pretty much say to do what we just did." I notice the vagueness of the reply,...

July 31, 2009  4:25 PM

Things NOT To Do When You’ve Been Hacked, Part I

Posted by: Arian Eigen Heald
Data Breaches, Incident Response, information security, information security policy

The problem with being a "geek" is that we truly love to tinker, to fix, to improve, to test....etc. So when you announce to a bunch of us that a website on the network has been broken into, there's lots of leaping into action. Which is exactly what you don't want to do. At all. While...

June 29, 2009  8:19 PM

Remember the Lowest Common Denominator

Posted by: Arian Eigen Heald
Incident Response, IRT, Physical Security

I recently attended a seminar at a well known southwestern school on building an Incident Response Team. During the discussion about Team membership, management oversight of the Team and related responsibilities, I noticed that the membership of the Team and the Oversight Committee was lacking...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: