You more than likely already know you need the best security possible to prevent an attack. You also need IT infrastructure and IT staffing in place to respond to an attack if one happens.
Incidence response should be one of the most important items on your IT security agenda. Your company must be prepared to respond to an incident once it occurs and quite possibly to stop the next one.
As of late, disgruntled employees violate internal policies or misuse system access for their own monetary gain or for revenge on employers due to mergers, outsourcing of business or IT jobs or employee lay offs. Internal threats are as real as external threats.
IT experts say that security professionals with the right skills can help lower the number of and potential for incidents at any organization with their responses.
An article in this week's GovInfoSecurity.com outlines the experts you will need:
Incidence response should be one of the most important items on your IT security agenda. Your company must be prepared to respond to an incident once it occurs and quite possibly to stop the next one.
As of late, disgruntled employees violate internal policies or misuse system access for their own monetary gain or for revenge on employers due to mergers, outsourcing of business or IT jobs or employee lay offs. Internal threats are as real as external threats.
IT experts say that security professionals with the right skills can help lower the number of and potential for incidents at any organization with their responses.
An article in this week's GovInfoSecurity.com outlines the experts you will need:
- Network security specialist: A person familiar with intrusion detection systems.
- Penetration testers: Someone who can assess a system's potential vulnerabilities.
- Incident handlers: People who understand attack methodology and can apply critical thinking skills to respond to incidents.
- Forensics Analyst: The person who looks for evidence after an attack.
- Research Analyst: The person to keep abreast technological advances in incident response activities.
- Team Leader: Leads the team through crises and communicates to the business incident activities and cost to the business.
- Preparation and Training: for both prevention and incident response.
- Identification: fast identification of an occurring attack and its impact on the IT infrastructure can help in minimizing the duration and cost of clean-up.
- Containment: Once an attack has been identified, steps must be taken to minimize the effects of the attack.
- Recovery and Analysis: The recovery period allows analysis and lessons learned of What happened? Why did it happened? Was the response effective?
Powered by Compendium Blogware
Comments for Take a Team Approach to IT attacks