The Secureworks ® Incident Response proactive consulting practice develops incident response (IR) plans, performs IR plan gap analyses, and facilitates tabletop exercises featuring various security risks to more than 4,000 customers. Over time we have analyzed findings from each engagement, and the patterns that emerge show consistent challenges to organizational security posture and response capabilities.
This 5-part blog series details the top 5 challenges we see when we are called in to do a proactive incident response engagement. As these are systemic, widespread issues, we want to raise awareness and share our guidance to help your organization get ahead of them.
The first blog in this series looked at what should be considered the basic foundation of any security practice: the definition of “incident.” Click here to read part 1.
The second in this series discussed another relatively simple item: the contact list. Click here to read part 2.
This third in the series explores what few organizations excel at: data governance.
Data governance is hard. The first two blogs discussed relatively easy goals to achieve. This one is not. But it does have to be done. After all, if you do not know what is important, how do you know what to protect?
To excel at data governance, you must first know the value of the data and systems that support that data. If you have business continuity/disaster recovery plans, you can start there. Those plans should have addressed the needs for every business segment to get back to doing business after an interruption, and the order of those processes provides great clues ..
Support the originator by clicking the read the rest link below.
