To Secure the Cyber Supply Chain, Go Beyond Software Updates

The Secureworks® Incident Response proactive consulting practice develops incident response (IR) plans, performs IR plan gap analyses, and facilitates tabletop exercises featuring various security risks to the more than 4,000 customers in our base. Over time we have analyzed findings from each engagement, and the patterns that emerge show consistent challenges to organizational security posture and response capabilities.


This 5-part blog series details the top 5 challenges we see when we’re called in to do a proactive incident response engagement. As these are systemic, widespread issues, we want to raise awareness and share our guidance to help your organization get ahead of them. 


The first blog in this series looked at what should be considered the basic foundation of any security practice: the definition of “incident.” Click here to read part 1.


The second in this series discussed another relatively simple item: the contact list. Click here to read part 2.


The third in this series explored what few organizations do well: data governance. Click here to read part 3.


This fourth in the series turns to another issue that may not seem as technical: third parties, or alternatively, the “cyber supply chain.”


This supply chain is not your father’s supply chain. It has been updated a bit and includes legacy code, open source code, and third-party software. The cybersecurity world has been abuzz with supply chain wisdom ever since NotPetya in 2017. Russian military hackers broke into the Linkos Group company’s update servers for M.E.Doc to create a hidden back door into the PCs where that product was in use. As outlined ..
