incident response policy

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Address these eight concerns in your incident response policy

Every organization should include an incident response policy as part of its overall business continuity plan. Here are the most important elements to focus on when you build your IRP. You may not think you need an incident response policy IRP. After all, you've locked down your...

Tags: Incident Response Policy, Business Security, Security, Business Operations

Download resources 2005-08-16

Additional Resources

In the aftermath of the T-Mobile Chernobyl

Lazy people.Thats all I can think. Who, in their right mind, would entrust valuable data to >> someone elses system

Tags: Backups, backup, cloud computing, T-Mobile

Discussion threads 2009-10-12

Delays, delays on White House cyber positions.

Where is the cybersecurity czar? And the White House intellectual property coordinator? The folks for those important federal tech positions have been chosen but there is no sign of announcements being made, NextGov says. The likely nominees for cyberczar: Howard Schmidt, former White House special adviser...

Tags: Job, White House, Recruitment & Selection, Human Resources, Workforce Management, Richard Koman

Blog posts 2009-07-27

Ensuring FISMA Compliance: Integrating Forensics and Incident Response as Mandated by NIST SP 800-86

The Federal Information Security Management Act FISMA of 2002 mandates that federal agencies must establish incident response capabilities (44 U.S.C. §3544 b(7)). FISMA requires that federal agencies implement an incident response capability consistent with the guidelines and standards established by the National Institute of Standards and Technology NIST (44 U.S.C....

Tags: Incident Response, FISMA, NIST

White papers 2009-04-20

Attackers pounce on Microsoft PowerPoint zero-day

Attackers are using rigged PowerPoint files to exploit an unpatched vulnerability in Microsoft's presentation software, according to warning late Thursday from the software maker. In a pre-patch advisory, Microsoft described the attacks as "limited and targeted," the kind of language that suggests it is being used to...

Tags: Attacker, Microsoft PowerPoint, Microsoft Corp., Microsoft Office, Office Suites, Software, Ryan Naraine

Blog posts 2009-04-02

TechRepublic: 10 important categories of employment transition security

Employment transition is an often overlooked danger to company security. Make sure you pay proper attention to protecting your business from security compromises when someone leaves your company. This guest post by TechRepublic's Chad Perrin walks you through the employee termination security steps. It's quite timely...

Tags: Account, TechRepublic Inc., Employee, Policy, Employment Transition, Security, Larry Dignan

Blog posts 2009-02-06

A roadmap for the Twitter CSO

The folks at Twitter had to deal with an attack from both phishers and hackers over the past few days. As someone who has been in their shoes many times before, I deeply sympathize with their team and I understand the amount of work that they need to do....

Tags: Password, Twitter, Phishing, Security, Spam And Phishing, Adam O'Donnell

Blog posts 2009-01-07

Brewster Kahle offers a cookbook for fighting security letters

Just talked to Brewster Kahle at the Internet Archive about their successful settlement with the FBI of a lawsuit over a National Security Letter. The FBI had demanded personal information on a user; the Archive replied with a lawsuit challenging the propriety of the NSL. As part of the settlement,...

Tags: Security, Electronic Frontier Foundation, FBI, Library, Brewster Kahle, Cookbook, National Security Letter, Federal Government, Government, Richard Koman

Blog posts 2008-05-08

Advocacy groups in war of words over need to investigate Comcast's alleged BitTorrent throttling

Just a little while ago, I received an email from MoveOn.org, with their reaction to a letter that the Hands Off the Internet coalition sent to FCC Chair Kevin Martin on Wednesday, requesting that the regulatory body investigate Comcast's possible throttling of Bit Torrent traffic. First, to...

Tags: FCC, Censorship, BitTorrent, Comcast Corp., MoveOn.org, AT&T Corp., Internet, Federal Government, Government, Russell Shaw

Blog posts 2007-11-09

LAX IT failure: leaps of faith don't work

LAX IT failure: leaps of faith don't workHow could then not tellA router is down. How do they not notice that? The security guys should have caught that right away. Assuming they have no security the network guys should have caught too.The only way to miss this is to have...

Tags: Routers & switches, Network technology, NETWORKING, TELECOMMUNICATIONS, router, Microsoft Corp.

Discussion threads 2007-08-15

Lunch with Arn Howitt (When Failure is NOT an Option)

I had lunch yesterday with Arn Howitt and Lydia Segal. Arn teaches at Harvard Universitys Kennedy School of Government, and is Executive Director of the Taubman Center for State and Local Government. He and Dutch Leonard run the Program on Emergency Preparedness and Crisis Management at the Kennedy School. These...

Tags: Project strategy, Interview, Government projects

Blog posts 2007-06-08

Google updates maps after Katrina 'airbrushing' incident

Google updates maps after Katrina 'airbrushing' incidentInteresting how Congress can get so hot and fast on the ballexcept for help care, cost of living, where tax dollars get wasted, etc etc. Guess this was an easy target, Google will want to maintain its earned imagine. Now back...

Tags: INTERNET, Google Inc., Katrina, U.S. Congress

Discussion threads 2007-04-02

RSA 2007: DHS's Greg Garcia gets organized for cybersecurity battle

At a town hall meeting at the RSA 2007 Conference in San Francisco, Greg Garcia, the Department of Homeland Security assistant secretary for cybersecurity and telecommunications, described the environment in which his agency operates:"The next ten years there will be a single integrated IP network that serves all needs," Garcia...

Tags: General, Security, Government, Greg Garcia

Blog posts 2007-02-08

Vonage HQ receives threatening letter with powder

Having worked in customer service after college while trying to convince the starched up companies of the day that someone without a standard journalism degree might be worth taking a gamble on- I occasionally encountered the "head case" customer.You know the type. When you call them about a debt,...

Tags: Vonages Holmdel, Vonage Holdings Corp., Vonage, General

Blog posts 2006-12-14

Norton AntiVirus 2007

Norton AntiVirus is back. With the release of Norton AntiVirus 2007, Symantec has both slimmed down the product and deepened its defenses by rewriting much of the code, making the 2007 version a valuable upgrade for existing users and worth a second look from new users and previously dissatisfied Norton...

Tags: Viruses and worms, SECURITY, Norton Co., Symantec Norton AntiVirus, Norton AntiVirus 2007

Product reviews 2006-09-26

"Bad idea" jeans

"Bad idea" jeansHardly the first timeBy the way, please note that the US Embassy to Peru tried to do a bit if arm-twisting on Microsoft's behalf a few years back, as did the embassy to Brazil.Someone apparently failed to mention to the Ambassadors that the 19th Century ended a few...

Tags: U.S. Government, Microsoft Corp.

Discussion threads 2006-09-26

Massive, under-reported online banking breach raises serious disclosure and remedy questions

Massive, under-reported online banking breach raises serious disclosure and remedy questionsHear! Hear!Whenever I read that ZDNet is just an industry shill, I shall think of this insightful, pointed and incisive article. The story here is the story, just what real journalisin is all about. Good work!More dangerous than the link...

Tags: Cyberthreats, Spam, SECURITY, Social Engineering, online banking, phishing, bank

Discussion threads 2006-06-02

300 Bank homepages hacked and redirected!

300 Bank homepages hacked and redirected!That's not the issueI don't care how many questions they ask me like where I was born or what picture I selected when logging in, it's all useless if the site doesn't use SSL for the default login page.My Honest Opinion, and it hurts...

Tags: Financial services, bank, Chase.com

Discussion threads 2006-06-01

Why Windows is less secure than Linux

Why Windows is less secure than LinuxModular Design is GoodDon't shoot the messenger folks!WRONG WRONG WRONGMr. Stiennon has made some crucial mistakes in his "analysis". Let's see if ZDNet's lame comments system will let me post a link to the blog I wrote in response to this article:LinkOr...http://techrepublic.com.com/5254-6257-0.html?forumID=99&threadID=184332&messageID=1995023&id=2926438Or...http://techrepublic.com.com/5254-6257-0.html?forumID=99&threadID=184332&messageID=1995023&id=2926438J.JaBrokenAn unexpected failure...

Tags: Operating systems, Web servers, OPEN SOURCE, SECURITY, Blogging, Modular Design, Now-What, Microsoft Windows, Windows IS, Linux, Apache Software Foundation, distributed denial of service

Discussion threads 2006-04-14

Wireless Intrusion Detection Systems Including Incident Response & Wireless Policy

For some time wireless has had very poor, if any, security on a wide open medium. Along with improved encryption schemes, a new solution to help combat this problem is the Wireless Intrusion Detection System WIDS. In the security and wireless world this has fast become a major part of...

Tags: Intrusion Detection System, Wi-Fi, Wireless

White papers 2006-03-14