Gavin Reid

3 min read

5 First Steps to Defending against IoT Driven DDoS Attacks In honor of October’s National Cybersecurity Awareness Month, users of Twitter, Netflix, Reddit and the New York Times were treated to a special treat – and just in time for Halloween. Unfortunately it was more of a trick as users of these and other major […]

4 min read

Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also include doing so at full speed, from the […]

4 min read

On or Off the Clock, Staying Cyber Secure is a New Fact of Life  Cybersecurity has always been a major concern for workplace networks. But, increasingly, it is top of...

5 min read

This blog is a co-authored by Jeff Bollinger & Gavin Reid Are You Too Confident in Your Incident Response? When Charles Darwin stated “Ignorance more frequently begets confidence than does knowledge,” civilization’s evolution from Industrial Age to Information Age was nearly a century away. Yet, when it comes to many aspects of IT, he nailed […]

2 min read

Defense in depth is a well understood and widely implemented approach that can better secure your organization’s network. It works by placing multiple layers of defense throughout the network to create a series of overlapping and redundant defenses. If one layer fails, there will still be other defenses that remain intact. However, a lesser known […]

2 min read

As digital transformation sweeps across the world, there is a driving need for more effective logging and data recording for incident response. In today’s IT world, your agency’s Computer Incident Response Team (CIRT) must have the capability to quickly determine the source and scope of an attack on its network in order to effectively mitigate […]

1 min read

The registration is now open and there is still time left to respond to the call for papers for the upcoming FIRST Technical Colloquium April 7-8, 2014. Please contact us at amsterdam-tc@first.org for speaker engagements. The event already has an exciting preliminary program covering: Savvy Attribution in the DNS – Using DNS to Geo-locate Malicious […]

2 min read

We know that as time goes on, the cybercrime network’s operations will only more closely resemble those of any legitimate, sophisticated business network. And like all enterprising businesspeople, those who are part of the “cybercriminal hierarchy”—which is discussed in the Cisco 2014 Annual Security Report and illustrated below—look to increase their profits by continually innovating […]

5 min read

We first logged IDS, some syslog from some UNIX hosts, and firewall logs (circa 1999). We went from there to dropping firewall logging as it introduced some overhead and we didn’t have any really good uses for it. (We still don’t.) Where did we go next?