Hmmmm, I Thought So…
By Edward F. Higgins
A scenario is presented where a hypothetical university security incident in which hundreds of thousands of historic student records and payment card information was compromised. The systems were in place (although nothing is 100%), the personnel were trained, but the study suggested that the university was not prepared to address the public when the story broke on the 6pm Evening News.
So, what has changed? Have laws and regulations been prescriptive enough to educate businesses, universities, and other establishments on their requirements to disclose the incident to the public?
Do enterprises know what to do when “it” happens? How to notify the victims? You can’t conceal it… Can you? Did you know that for several years United States laws, such as California SB-1386, have mandated disclosure of a security breach to potentially affected victims. No more hiding of heads in the sand…
The depth and speed at which cyber crimes occur has significantly changed. Formerly a form of crash-and-dash, today’s cyber criminals operate more stealthy with better tools performing significant reconnaissance before they strike. No longer about fame [the notoriety of spray-painting a web page], these criminals carry out well planned, focused and financially motivated attacks, striking at the perfect moment.
The key to adequate incident response today is speed to identify, stop, and address the situation often using outside private investigators for independence and competence in the subject matter, especially preserving electronic evidence. This all has to happen much much much much faster than in the past. Bureaucratic process and stagnant organizations move aside!
Based on studying the incident response processes and situations during real-life actual incident investigations with hundreds of clients, I would suggest that we have a lot of work to do. We kinda need to reinvent our incident detection and response processes.
Until next time, “Watch Out For Yourself”.
~ed
Ed higgins Blog 
Leave a comment