One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1013533 |
| Date de publication | 2019-01-29 14:00:00 (vue: 2019-01-29 15:01:02) |
| Titre | Ways to Respond to a Breach |
| Texte |
Breaches aren’t easy to deal with, especially if you are of the opinion that companies are people too. Having seen, been part of, and lent a shoulder to many a breach, here are nine of the common ways companies respond to breaches.
Delayed response
A delayed response is when a breach has occurred and the company is informed a long time after the fact, usually when the data appears on a dark web sharing site. The company sometimes informed by law enforcement, or by reading about it on Brian Krebs’ blog.
Complicated response (traumatic or prolonged)
A complicated breach becomes severe with time and can impact the entire company. This can be the case when regulators step in to look at a breach. Were you PCI DSS compliant? Well not anymore. Did you have European citizen data? Well say hello to my little GDPR friend.
Disenfranchised response
Disenfranchised breaches are where the company experiences a loss, but others do not acknowledge the importance or impact. For example, an intellectual property breach that allows a competitor to get ahead is felt by the company, but elicits little, if any sympathy from customers.
Cumulative response
A cumulative breach is when multiple breaches or incidents are experienced, often within a short period of time. For example, getting locked out of your IoT devices accounts while records are being exfiltrated out of the mainframe during a DDoS attack.
A cumulative breach can be particularly stressful because a company doesn’t have time to properly respond to one incident stating how they ‘take security seriously’ before experiencing the next.
Distorted response
Sometimes a company responds to a breach in extreme and hostile ways. In a manner befitting a toddler, the company may resort to blaming a partner or any other third party company.
On occasion the finger of blame is pointed towards an employee or contractor for not patching a system. Or, in some cases, the company will want to set an example and unceremoniously fire the CISO.
Inhibited response
Also known as “keep this between us” is a conscious decision by a company to keep details of a breach limited to a very small group.
Problems can occur if customers or regulators get wind of it, and can cause bigger issues down the road. By then, the only viable option for companies is to shred the documents, wipe the hard drives, and research countries with non-extradition treaties.
Collective response
Collective breach is felt by a wider group, and the impact is shared. It can be a useful tactic in bringing all people on the same side and put their differences aside.
When everyone is forced to change their passwords after a breach, it gives common ground for them to share the pain.
Absent response
A favourite of social media giants, absent response is when a company doesn’t acknowledge or show signs of any response. This can be as a result of shock, denial, or simply passing everything onto business as usual.
It’s important to note that in some instances, just because you can’t see the signs of a response, it doesn’t necessarily mean that a company isn’t taking responsive actions.
Or it could just mean they don’t care, it can be hard to tell.
Anticipatory response
Remember all those posters telling you ‘it’s not a matter of |
| Envoyé | Oui |
| Condensat | “keep ‘it’s ‘take about absent accordingly accounts acknowledge actions affect after ahead all allow allows also anticipatory any anymore appears are aren’t aside attack because becomes been befitting before being between bigger blame blaming blog breach breaches brian bringing business but can can’t care case cases cause change ciso citizen collective common companies company competitor compliant complicated conscious contractor could countries cumulative customers dark data ddos deal decision delayed denial details devices did differences disenfranchised distorted documents does doesn’t don’t down drives dss during easy elicits employee enforcement entire especially european everyone everything example exfiltrated expecting experienced experiences experiencing extradition extreme fact favourite felt finger fire forced friend from gdpr get getting giants gives ground group hard has have having hello here hostile how impact importance important incident incidents informed inhibited instances intellectual iot isn’t issues it’s just keep known krebs’ law lent lessen limited little locked long look loss mainframe manner many matter may mean media mode multiple necessarily next nine non not note occasion occur occurred often one only onto opinion option other others out pain part particularly partner party passing passwords patching pci people period place plans pointed positive posters preparing problems prolonged properly property put reading records recover regulators remember research resort respond responds response responsive result road same say security see seen seriously’ set severe share shared sharing shock short shoulder show shred side signs simply site small social some sometimes stating step sting stressful sympathy system tactic taking tell telling them then third those time toddler too towards traumatic treaties unceremoniously us” useful usual usually very viable want ways web well when when’ where wider will wind wipe within your |
| Tags | Patching |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.