Yesterday, we at The State of Security offered a recap of some of the notable presentations that have occurred at RSA Conference USA 2016. We now continue our coverage of this week's event with Part 2 of our RSA Conference 2016 Takeaways series.

Dreaming of IoCs: Adding Time Context to Threat Intelligence
Speaker: Travis Smith (Senior Security Research Engineer, Tripwire, Inc.)

Travis Smith, a Senior Security Research Engineer here at Tripwire, discussed the importance of context when gathering security data. Many organizations today collect this data from systems, applications, and network devices as a way to get alerts of abnormal behavior. However, Smith noted that security data is more than big data – it’s morbidly obese data – and the more data we collect, the more noise it collects. This is where time context and threat intelligence prove extremely helpful.

Smith gave an overview of the various forms of threat intelligence sources, as well as their pros and cons. He went on to introduce TARDIS – an open-source framework he developed, which helps perform historical searches using attack signatures. TARDIS covers threat analysis, reconnaissance, and data intelligence systems by taking the data of Indicators of Compromise (IoCs) and looking at historical logs for signs of exploitation.

By adding valuable time context to threat intelligence, Smith said organizations can pinpoint exactly when a breach occurred, as well as gain other critical forensic analysis information.

Avoid Epic Fails: Elements of Successful Breach Notification and Response
Speakers:
Heidi Shey (Senior Analyst, Forrester Research)
Bo Holland (CEO, AllClear ID)
Lisa Sotto (Partner, Hunton & Williams)
Matt Prevost (Vice President, Cyber & Technology Product Manager, Chubb)

In this panel, the speakers discussed what to do when responding to a breach and notifying customers, as well as how to manage that risk. When we think about incident response, so much of that attention is given to the technical components and not enough to the customer aspects, said Heidi Shey, senior analyst at Forrester Research.

One important question raised was whether an organization that is not legally required to disclose a breach should still do so. This may apply when the information leaked is not subject to data breach notification laws, such as children’s data, geolocation, or chat logs. The majority of the audience said they had received a breach letter notification – a few more than once – so it’s evident organizations need to think of themselves in that situation.