Symtrex Inc.

Cyber Security Specialist

The first 24 hours

2015/06/16 by admin

An ebook on PCI DSS from SC Magazine included a sidebar by Matt Malone, CTO and founder of Assero Security, listing the steps to take within the first 24 hours after identifying a breach.

  1. Record the date and time when the breach was discovered, as well as the current date and time when response efforts begin, i.e., when someone on the response team is alerted to the breach.
  2. Alert and activate everyone on the response team, including external resources, to begin executing a preparedness plan.
  3. Secure the premises around the area where the data breach occurred to help preserve evidence.
  4. Stop additional data loss. Take affected machines offline but do not turn them off or start probing into the computer until your forensic team arrives.
  5. Document everything known thus far about the breach: Who discovered it? Who reported it? To whom was it reported? Who else knows about it? What type of breach occurred? What was stolen? How was it stolen? What systems are affected? What devices are missing? etc.
  6. Interview those involved in discovering the breach and anyone else who may know about it. Document your investigation.
  7. Review protocols regarding disseminating information about the breach for everyone involved in this early stage.
  8. Assess priorities and risks based on what you know about the breach.
  9. Bring in your forensic firm to begin an in-depth investigation.
  10. Notify law enforcement, if needed, after consulting with legal counsel and upper management.

It is important to remember that, for the most part, cyber criminals are not specifically targeting large organizations; they merely see an IP address.
