In addition to ensuring that firewalls and other security measures are up to industry standard, a thorough security assessment will also identify where sensitive data is stored and whether that data can be segmented or further removed from the rest of the IT system. This must include a specific plan to ensure that valuable time is not lost as the organization decides who is in charge of the response efforts.
Corporates should determine in advance of an incident what the chain of command will be for the incident response team.
Whether law enforcement can play any meaningful role in the aftermath of a hacking incident is often dictated by the type of incident involved. Even if law enforcement could determine the scope of the incident for the corporate victim, there are serious downsides to this approach for most organizations.
Hackers rarely leave a detailed list of what they stole, and only painstaking reconstruction of a hacker’s activities through sophisticated computer forensics can determine if regulators or individuals need to be notified about the breach.
This could prove a public relations disaster, especially since the public often blames the corporate victim for failing to prevent the incident, regardless of the facts.
Link: http://www.continuitycentral.com/feature1050.html