Holding a post-mortem briefing with your incident response team members after the incident has taken place and the fallout has mostly been uncovered is a key component to preventing it from happening again. This type of follow up is important because your employees need to understand how the breach could have been prevented in the first place.
“Looking back to look ahead” is a key element of threat intelligence and risk assessment. If you are able to identify the root cause of the breach via, for instance, the logs on your firewall or security information and event management (SIEM) software, you may be able to automate a response that can prevent the breach the next time it rolls around.
Post-incident you will also need to inform your customers, vendors and technology partners of the incident in order to move forward as a community.
It’s important to stay humble when going through the incident response process. Assume you will be attacked as opposed to thinking you are too strong to be affected. Remaining humble in your planning, training and communications will help to mitigate any unforeseen perception hits to your organization.
More Info: a+ network+ security+ jobs
No comments:
Post a Comment