Get Wisdom as Cheaply as You Can

General Technology 2015-01-04

Happy New Year!

I recently posted the below on the SANS Internet Storm Center site.

A long time ago I was given advice from a non-security professional that is among the best and most influential I have received in my security career - “Get wisdom as cheaply as you can”. I was encouraged to learn from the mistakes of others as a means to avoid the full pain of what they were forced to experience.


There are so many places where you can get your lessons learned without having to suffer through an outage or a security incident. You can learn from news articles or breach disclosure reports such as the Verizon Data Breach Investigations Report (http://www.verizonenterprise.com/DBIR/) and Mandiant M-Trends (https://www.mandiant.com/resources/mandiant-reports/). Create case studies based on these sources that your incident response team can use to conduct tabletop exercises. This preparation exercise will help you determine if your prevention and detection capabilities would be effective if faced with these scenarios.

To get you started, here is an example when I failed. I thought it would be a good idea to scan a special internal network segment unannounced with unauthorized equipment. This caused a full and unplanned incident response. I discovered what happened and quickly notified the team of what I did and how sorry I was for causing this incident. Most everyone was gracious and everyone was relieved this was not a real incident. I have not forgotten this lesson and have since put checks in place to make sure it does not happen that way ever again. In addition to learning to only use authorized scanning equipment, I learned the importance of notifying all impacted system and application owners before performing any scans.

Learn from the misfortunes of others. By getting wisdom as cheaply as you can, you are given the opportunity to not have to learn the “hard way”. What lessons have you learned and how have you applied them?

Content by: SecurityEverAfter (source link). Thank you for your support!
