Cisco: Incident Response: Are you ready?
I am a big proponent of “what if” planning. Are you? I spin through what-if scenarios every day. Sometimes I ponder unlikely events, like: what would I do if I came across a bear while hiking in the forest? Or, a more positive but equally unlikely example: what if I won a million dollars? Either way, I’d want to be prepared.
Security professionals experience “what if” scenarios every day as well: what if we experience a data breach? If my organization suffers loss from a breach, what happens to the business down the road? Unlike my scenarios, the likelihood of the breach occurring is very high and you may not even know it has happened. According to industry reports, it can take organizations more than 100 days to discover security incidents within their own environments. And due to resource constraints, nearly half of these incidents are never even investigated.
Think about that. Attackers lurking within corporate networks for months at a time. They continue to work smarter and faster, only needing to find one vulnerability to get inside a network. Meanwhile, the exploding number of new technologies, devices, and users on enterprise networks makes it unfeasible to block every attack all the time.
Read the entire article here, Incident Response: Are you ready?
Via the fine folks at Cisco Systems.