Incident Response by ProQuest


Get With IT

Incident Response

The biggest security gaffe of all?

By Kevin Beaver, CISSP

From firewalls, to passwords, to encryption on one hand, to PCI DSS, ISO 27002 and SAS70 audits on the other, we often assume that all is well in IT as long as we have covered the security and compliance basics. The general perception is that the businesses suffering losses resulting from security breaches are run by people who do not follow such practices.

It is one thing to be proactive, but you still have to prepare for the reactive side of security — for the things you have overlooked.

If your business were to experience a hack attack or some type of data breach, do you feel confident that everything would be taken in stride? Would your incident response team swoop in on the scene to stop the bleeding? What about your customer service personnel — are they prepared to handle the ensuing flood of phone calls? Will your PR team be able to stand in front of a television camera and provide sound answers to the media ferrets’ questions? You can throw all the best security controls in the world at your information systems, but it is virtually guaranteed that there is something, somewhere, waiting to be exploited. What is your response plan?

You may be thinking “we don’t have an incident response plan.” If so, don’t feel bad — yo

• Bank storage bins containing paper waiting to be shredded were stolen, resulting in the exposure of countless sensitive customer records.
• A hacker gained access to the credit card transaction communications stream between a pub and its credit card processing company, resulting in credit card number exposure and subsequent illegal usage for someone’s ill-gotten gains.
• Confidential information on 4,500 students was posted on a publicly-accessible area of a university’s Web site for months, resulting in life-long exposure of personal information.

How would your organization handle these situations? Do you have procedures in place to respond rather than react? Do key people involved understand their roles and their responsibilities? Does management realize that most states have breach notification laws, requiring businesses to contact customers when a breach has occurred or is suspected?

Security incidents can result from technical weaknesses in computer system configurations and poorly-written Web applications. Operational weaknesses, such as improper system maintenance, lack of training and poor change management are worthy contributors as well. The reality is