Network Security Breaches: 10 Things to Do Immediately After

 
 
By Chris Preimesberger  |  Posted 2012-03-07
 
 
 

Try Not to Fret Too Much: This is Happening To Everyone

Numerous studies show most large and midsize companies reported some type of data system attack in 2011. A majority of data security companies and industry analysts are predicting more frequent and higher-level attacks in 2012.

Try Not to Fret Too Much: This is Happening To Everyone

IDS/IPS Not Enough

Intrusion detection and prevention systems often are not enough protection. Attacks continue to circumvent the best such solutions. Hackers always look at what new measures are in place and purposely find ways around them.

IDS/IPS Not Enough

Apply New/Updated Measures Now

Don't wait until it's too late to have a network contingency plan in place. Too late could be today.

Apply New/Updated Measures Now

Be Prepared

A recent industry survey reported that in 40 percent of enterprise breaches, IT professionals could not identify the source of the attack.

Be Prepared

Record All Network Traffic

Any data that slips through the cracks might be the key to characterizing the breach and assessing the damage. If you can obtain software that can record and replay selected traffic instances, you're well on the way to apprehending the hacker(s).

Record All Network Traffic

Network Recording to Network Forensics

With all network traffic recorded, dissect the attack with network forensics tools. This brings together all the clues and evidence you need to build a case against the hacker(s).

Network Recording to Network Forensics

Answer the Key Questions

Gather all the pertinent information necessary as quickly as possible because time lost most often means evidence lost. Key questions are the same as those asked by a journalist covering a story: Who, what, when, where and how?

Answer the Key Questions

Compliance and Reporting

Network forensics allows you to adequately address your legal requirements.

Compliance and Reporting

Retune and Recalibrate

Use network forensic results to recalibrate existing preventive systems.

Retune and Recalibrate

Network Security Insurance Policy

Network recording and network forensics is your insurance policy once the inevitable happens.

Network Security Insurance Policy

Rocket Fuel