Use your computer fearlessly.

Mission Services Articles Research

business: response, Part 6: Investigation

Rapid Response to Breach, Part 5

by Brent Kirkpatrick

(Date Published: .)

Recover with dignity.

Recovery from breach is a process of reducing risk and blocking intrusion routes. Companies need to prevent siloing of response and recovery in IT, because the IT people may not know the risks. Recovery involves people, process, and technology.

The first step of recovery is to reduce the risk. Make a list of all the sensitive data on your systems. Take it off-line if possible, or reduce access to it. At the same time, notify all the people to whom the exposed sensitive data belongs.

The second step of recovery is to identify intrusion routes. For each identified route, block it using some technical solution. Once every intrusion route is blocked, systems can be cleaned and permissions to access risky data restored.

During these two step, close attention is paid to people, process, and technology. People are notified, people are brought in to manage solutions, and service goals are exceeded. By careful attention to the soft elements of recovery, the company and its clients can recover together.

defendIT. AI-driven security measures derived from security incident data.

What Is New? | Contact | Tips

© 2015, 2016, 2017, 2018 Intrepid Net Computing. All rights reserved.