CrowdStrike Offers Mea Culpa to House Committee

September 25, 2024 at 05:39PM CrowdStrike’s senior VP, Adam Meyers, testified about the faulty July 19 content update that crashed 8.5M Windows systems. He called it a “perfect storm” and apologized. The House Committee highlighted the incident’s global impact and criticized CrowdStrike’s oversight. Meyers outlined measures to prevent a recurrence, emphasizing enhanced testing processes and … Read more

After the Dust Settles: Post-Incident Actions

August 8, 2024 at 11:00AM After a cybersecurity incident, organizations should conduct a thorough review of the attack to understand its timeline, actions taken, and response efficiency. This post-mortem analysis helps in identifying gaps and potential improvements in processes. Sharing incident data and learnings with others in the industry enhances cybercrime prevention. Establishing a timeframe … Read more

Big Tech’s eventual response to my LLM-crasher bug report was dire

July 10, 2024 at 03:29AM Columnist discovered a bug after reporting it in The Register, receiving an influx of emails requesting the bug’s details. Despite brushing off these requests, they engaged with genuine inquiries. After Microsoft initially dismissed the bug, they reopened their investigation. The bug’s impact on AI chatbots remains unclear, highlighting the lack … Read more

While we fire the boss, can you lock him out of the network?

January 12, 2024 at 03:42AM In this week’s edition of On Call, “Alvin” faced a predicament when a client suspected their network engineer of improperly accessing HR files. Alvin’s astute handling of the situation led to the engineer’s dismissal and the discovery of unauthorized servers in his apartment, ultimately vindicating the decision to let him … Read more

6 Steps to Accelerate Cybersecurity Incident Response

November 23, 2023 at 05:54AM Modern security tools are improving in defending networks against cybercriminals, but incidents still occur. Effective incident response requires preparation, identification, containment, eradication, recovery, and lessons learned. Preparation involves training personnel, establishing roles and responsibilities, and devising a response strategy. Identification involves detecting incidents through internal or external means and collecting … Read more

250 Organizations Take Part in Electrical Grid Security Exercise

November 20, 2023 at 06:03AM GridEx VII, the largest grid security exercise in North America, saw participation from over 250 organizations and focused on testing crisis response and recovery plans for cyber and physical threats to the electrical grid. A report with lessons learned is expected in Q1 2024. Previous objectives included coordination between the … Read more