Incident Response

It just happened that I involved in the incident response job recently. The incident is the breach of security. It is the responsibility of the security team to respond to the problem quickly and effectively. The response depends upon how the security team reacts, what they do to minimize damages, and when they restore resources, all while attempting to guarantee data integrity. None of us have the experience to deal with this case. But we have to face it.

Think of your organization and how almost every aspect of it relies upon technology and computer systems. If there is a compromise, imagine the potentially devastating results. Besides the obvious system downtime and theft of data, there could be data corruption, identity theft (from online personnel records), embarrassing publicity, or even financially devastating results as customers and business partners learn of and react negatively to news of a compromise.

The only way to stop a hacker is to think like one, time to think out of the box.