incident response

Is it time to hire cybersecurity guardians for the network? 

1 min read

Another day, another hack. It seems like every time we turn on the news, we hear about another company that has been breached. How can the burden of detection, investigation and remediation be lifted from in-house security teams? What about recovering a network and rebuilding trust after a breach: when is it time to turn to an expert? Join #CiscoChat on Wed, June 7th at 11AM PST to talk about alleviating the stress of dealing with the advanced threat landscape.

May 10, 2017

SECURITY

Triage Forensics: Leveraging Digital Forensics during Incident Response

4 min read

You have just been notified by a “TLA” (Three Letter Agency), a law enforcement agency, that your organization has suffered a data breach. Depending on your Threat Management Maturity level, you will either approach this methodically or ad-hoc. A TLA notification will generally involve leveraging the expertise of an Incident Response team, either your internal […]

April 11, 2017

SECURITY

Lateral Movement “Whack-a-Mole”

3 min read

Win with Network Monitoring

The Cisco Security Incident Response Service team works every day with customers who have either experienced a data breach or have engaged our team to help ensure they are prepared for an incident before it occurs. Our incident responders recently worked with a client whose organization had been targeted with destructive […]

February 23, 2017

SECURITY

Serenity Now! A better way to malware analysis.

2 min read

Over the last half decade, the term sandboxing has become so pervasive that many customers I speak to have forgotten what it’s for! Sandboxing is a type of malware analysis – dynamic malware analysis, to be exact. You execute a sample / file in a virtual environment and see what happens. There are numerous other types […]

February 2, 2017

SECURITY

Malware Analysis for the Incident Responder

7 min read

Malware is one of the most prevalent and most insidious forms of cyber attack. Identifying and eliminating it is critical in minimizing the impact of a breach. As a cybersecurity incident responder, I always end up performing some level of malicious file analysis. In this blog, I’ll share some recommended approaches that have worked for […]

December 5, 2016

SECURITY

Customer-focused Incident Response Service

2 min read

In our highly connected business environments, the need to respond to the inevitable security breach is on the mind of every CISO. An increasing number of organizations rely on the services of a Managed Detection and Response (MDR) provider. According to the Cisco 2016 Annual Security Report, 42 percent of surveyed companies outsourced incident response, […]

November 28, 2016

SECURITY

What’s in Your Incident Response Go-Bag?

4 min read

October was National Cyber Security Awareness month and there’s been a lot of talk about how organizations should be doing more to protect their networks. One of the current trends in cyber security is that organizations are increasingly turning to trusted partners like Cisco for some or all of their incident response capability. As a […]

November 7, 2016

SECURITY

Is Your Race to SOC Headed for an Epic Crash?

4 min read

Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response

It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also include doing so at full speed, from the […]

October 19, 2016

SECURITY

Combatting Cybercrime with an Incident Response Plan

2 min read

Based on the cybersecurity news proliferating in the mainstream media today – from ransomware incidents to data breaches of massive proportions – it has become clear that organizations need to...