Access "Business continuity roles improve security incident management"
This article is part of the January 2004 issue of IDSes takes aim: Emerging "target-based" systems improve intrusion defense
Click to enlarge. Doubleclick to restore. Perhaps a phone call in the middle of the night: "We've got a bit of a mess here, Dave. That new worm blew our primary and backup e-mail servers out of the water, and I've had to take us off-net for an hour or two. I hope it's not longer than that. Oh, by the way, the customer care intranet will be disconnected until we can get the staff out there to disinfect about 30 or 40 machines tomorrow or maybe Monday. Is that going to be a problem for anyone?" Is this how security incidents are handled at your organization? If your security incident management is solely or primarily the responsibility of your IT managers, it's a good bet you're not adequately prepared for events that may disrupt business, or, in a worst-case scenario, shut it down. It's time to reinvent the process, from the top down. (See the Incident Response Matrix above for suggestions.) That scenario isn't at all far-fetched. Last January's SQL Slammer worm crashed thousands of networks worldwide. Last August, Blaster and Welchia infected millions of ... Access >>>
Premium Content for Free.
'Targeted' perimeter defense improves network-based intrusion detection systems
by Joel Snyder, Contributor
Target-based IDSes squelch network noise to pinpoint the alerts you really care about. We review three solutions to see if they hit the bull's-eye.
Microsoft Trustworthy Computing causes strategic conflict around security
by Lawrence M. Walsh
Two years into Trustworthy Computing, the software giant faces the daunting challenge of winning and keeping customers while grappling with periodic setbacks.
Ron Rivest, RSA Algorithm Creator, discusses issues with micropayments
by Andrew Briney
Legendary cryptographer Ron Rivest has a reputation for tackling "hard" security problems. Up next: Micropayments.
- 'Targeted' perimeter defense improves network-based intrusion detection systems by Joel Snyder, Contributor
Passive scanning: A new take on network vulnerability scanning
by Joel Snyder, Contributor
Learn about the benefits and risks of passive network vulnerability scanning.
Business continuity roles improve security incident management
by Fred Trickey
IT personnel may be front-line responders, but if they "own" incident management, your enterprise is at risk. Here's a business blueprint for an effective security incident management program with business continuity roles.
Review: RSA ClearTrust 5.5 secure federated identity management system
by George Wrenn
RSA ClearTrust 5.5 eases the administration of securing Web services identity management across business partners' systems.
- Passive scanning: A new take on network vulnerability scanning by Joel Snyder, Contributor
Secure coding essential to risk mitigation planning
by Andrew Briney, Information Security magazine
Information Security magazine's editorial director Andrew Briney talks about the lack of incentive for making code more secure.
Examining hacker bounty pros and cons: Do they stop computer hackers?
A hacker bounty could create a new benchmark for hackers to measure themselves, so do bounties stop computer hackers?
Understanding the Open Systems Interconnection model
by Jay Heiser, Contributor
It's time to take the Open Systems Interconnection (OSI) model up a notch to the human layer.
Spammers drive organizations to block Internet traffic to stop attacks
by Dana W. Paxson
Spammers and hackers are driving organizations -- and nations -- to block Internet traffic in order to stop attacks.
- Secure coding essential to risk mitigation planning by Andrew Briney, Information Security magazine
More Premium Content Accessible For Free
In this special issue, we are revealing the winners of our Security 7 awards. This is the ninth year we've handed out the Security 7 awards, which ...
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...