The Secureworks ® Incident Response proactive consulting practice develops incident response (IR) plans, performs IR plan gap analyses, and facilitates tabletop exercises featuring various security risks to the more than 4,000 customers in our base. Over time we have analyzed findings from each engagement, and the patterns that emerge show consistent challenges to organizational security posture and response capabilities.
This 5-part blog series details the top 5 challenges we see when we’re called in to do a proactive incident response engagement. As these are systemic, widespread issues, we want to raise awareness and share our guidance to help your organization get ahead of them.
The first blog in this series looked at what should be considered the basic foundation of any security practice: the definition of “incident.” Click here to read part 1.
The second in this series discussed another relatively simple item: the contact list. Click here to read part 2.
The third in this series explored what few organizations do well: data governance. Click here to read part 3.
The fourth in this series turned to another issue that may not be directly security related, and at times not very technical: third parties, or alternatively, the “cyber supply chain.” Click here to read part 4.
This fifth and final post of the series provides tips on managing cybersecurity as a business risk, and it wraps up some patterns we’ve seen as security-related “norms” across the companies we encounter.
Cybersecurity is looked at as the voice of “no” in organizations where it is believed that security ..
Support the originator by clicking the read the rest link below.
