- Malware Computer Threats Evolve Towards Focused, Nimble Tactics
Modern intrusions increasingly use well-planned, nimble, focused strategies rather than brute-force attacks alone. Attackers study business inner-workings to locate valuable data—scraping card...
- Incident Response Tips for Starting a Security Incident Response Program
Create a hierarchy of incident response documents: brief executive-level policy, detailed procedures for technical managers, and guidelines/checklists for responders. Keep them succinct using bullet...
- Cheat Sheets Security Incident Survey Cheat Sheet for Server Administrators
This cheat sheet helps server administrators examine suspect systems to decide whether to escalate for incident response. Avoid actions that access many files; look at logs, network connections,...
- Malware 4 Steps To Combat Malware Enterprise-Wide
Enterprise malware defense follows four phases: Plan by understanding infection vectors and prioritizing targets; Resist using enterprise management systems to deploy controls at scale; Detect...
- Risk Management Non-Financial "Currency" for Framing Security Discussions
Frame security discussions using internal "currency" beyond dollars—reputation, service availability, trade secrets. Also consider individual concerns: looking bad in front of managers, being fired...
- Social Networking Retrospective: Why I Started This Security Blog