Incident Response and Recovery May Be the Best Defense

Aug 3, 2011

The ever increasing list of breaches appearing on the Open Security Foundation’s DataLossDB Web site as well as companies being targeted by the AntiSec movement made up of groups including recently-raided Anonymous, AnonOps, TeaMp0isoN, and now-dormant LulzSec continues to show that no organization is immune to successful penetration from cyberthreats. 

In spending the last several years talking to senior information security executives and professionals, the focus always seems to be about securing the network or (in the case of virtualization and migration to cloud-based offerings) critical digital assets wherever they may be. Everyone wanted to have discussions around the latest on what was working and what was not strategy-wise. 

When the topic of incident response would come up, it was usually with regard to compliance mandate and the least amount of investment was put into something that was often not quantifiable – for if it were, the belief seemed to be that it was admitting poor risk posture. 

Print this page
Email this page