#FIRSTcon16

22 June 2016 at 11:51am

How (not) to respond to a data breach

Andrew Cormack
incident response
#FIRSTcon16
With the number of data breaches still increasing, all organisations should be making plans for their response when, not if, it happens to them. At the FIRST conference, Jeff Kouns of Risk Based Security suggested learning from examples where the organisation’s response, or lack of it, had made the consequences of a breach much worse, both for the organisation and its customers.
Read more
16 June 2016 at 11:07pm

Incident Response and Insurance: Opportunities to Collaborate?

Andrew Cormack
incident response
cyberinsurance
#FIRSTcon16
At the FIRST conference, Eireann Leverett and Marie Moe discussed a number of areas where incident response teams and insurers could usefully collaborate.
Read more
16 June 2016 at 11:00pm

Taking care of domain names

Andrew Cormack
security
DNS
Domain Names
#FIRSTcon16
At the FIRST conference, James Pleger and William MacArthur from RiskIQ described a relatively new technique being used to create DNS domain names for use in phishing, spam, malware and other types of harmful Internet activity. Rather than registering their own domains, perpetrators obtain the usernames and passwords used by legitimate registrants to manage their own domains on registrars' web portals.
Read more
14 June 2016 at 10:50am

Information Sharing: Learning from Social Networks

Andrew Cormack
#FIRSTcon16
information sharing
security
Information sharing is something of a holy grail in computer security. The idea is simple enough: if we could only find out the sort of attacks our peers are experiencing, then we could use that information to protect ourselves. But, as Alexandre Sieira pointed out at the FIRST conference, this creates a trust paradox.
Read more
Subscribe to #FIRSTcon16