With the number of data breaches still increasing, all organisations should be making plans for their response when, not if, it happens to them. At the FIRST conference, Jeff Kouns of Risk Based Security suggested learning from examples where the organisation’s response, or lack of it, had made the consequences of a breach much worse, […]
Tag: #FIRSTCon16
Posts relating to the Forum of Incident Response and Security Teams (FIRST) Conference 2016
At the FIRST conference, Eireann Leverett and Marie Moe discussed a number of areas where incident response teams and insurers could usefully collaborate. At present some cyber-insurance policies can seem expensive. One component of the cost is the contingency fund that insurers have to maintain in case their assessment of the likelihood and size of […]
Taking care of domain names
At the FIRST conference, James Pleger and William MacArthur from RiskIQ described a relatively new technique being used to create DNS domain names for use in phishing, spam, malware and other types of harmful Internet activity. Rather than registering their own domains, perpetrators obtain the usernames and passwords used by legitimate registrants to manage their […]
Information sharing is something of a holy grail in computer security. The idea is simple enough: if we could only find out the sort of attacks our peers are experiencing, then we could use that information to protect ourselves. But, as Alexandre Sieira pointed out at the FIRST conference, this creates a trust paradox. Before […]