CSO's Incident Response Survival Guide

If there's anything that has been proven in the past handful of years in information security, it's that despite all of the talk and all of the spending on defensive technologies -- from anti-malware to security event and information management systems - it's just not realistic any organization to be able to block all serious attacks.

No one would argue that preventing attacks isn't ideal: but that's just not the reality we face. The reality is that most organizations will be breached at some point. As a result, most organizations need to better prepare for how they will identify and respond to attacks as they are underway.

That thought certainly matches anecdotal evidence from the number of organizations that have been breached at the same time they were also compliant to government or industry security regulations, such as PCI DSS. Also, according to the 2013 Verizon Data Breach Investigation Report, 66 percent of breaches in the past year took at least months, if not years, to be identified. That 66 percent figure is up from 55 percent in 2011 and 41 percent in 2010.

Learn More

Already an Insider Sign in


George V. Hulme

Zur Startseite