After the Dust Settles: Post-Incident Actions

August 8, 2024 at 11:00AM After a cybersecurity incident, organizations should conduct a thorough review of the attack to understand its timeline, actions taken, and response efficiency. This post-mortem analysis helps in identifying gaps and potential improvements in processes. Sharing incident data and learnings with others in the industry enhances cybercrime prevention. Establishing a timeframe …

Big Tech’s eventual response to my LLM-crasher bug report was dire

July 10, 2024 at 03:29AM Columnist discovered a bug after reporting it in The Register, receiving an influx of emails requesting the bug’s details. Despite brushing off these requests, they engaged with genuine inquiries. After Microsoft initially dismissed the bug, they reopened their investigation. The bug’s impact on AI chatbots remains unclear, highlighting the lack …

While we fire the boss, can you lock him out of the network?

January 12, 2024 at 03:42AM In this week’s edition of On Call, “Alvin” faced a predicament when a client suspected their network engineer of improperly accessing HR files. Alvin’s astute handling of the situation led to the engineer’s dismissal and the discovery of unauthorized servers in his apartment, ultimately vindicating the decision to let him …

6 Steps to Accelerate Cybersecurity Incident Response

November 23, 2023 at 05:54AM Modern security tools are improving in defending networks against cybercriminals, but incidents still occur. Effective incident response requires preparation, identification, containment, eradication, recovery, and lessons learned. Preparation involves training personnel, establishing roles and responsibilities, and devising a response strategy. Identification involves detecting incidents through internal or external means and collecting …

250 Organizations Take Part in Electrical Grid Security Exercise

November 20, 2023 at 06:03AM GridEx VII, the largest grid security exercise in North America, saw participation from over 250 organizations and focused on testing crisis response and recovery plans for cyber and physical threats to the electrical grid. A report with lessons learned is expected in Q1 2024. Previous objectives included coordination between the …