Dealing with External Computer Security Incidents
by CERT Coordination Center - Thursday, 24 October 2002.
Dealing with computer security incidents is extremely difficult. There are many ways that incidents can occur and many types of impact they can have on an organization. There are no complete solutions, and the partial solutions that exist are expensive and resource intensive. However, the alternative--not dealing with security incidents--is yet more expensive, and using weak methods for dealing with incidents may only compound the damage that incidents cause. What is required is a long-term commitment to develop the capability to deal with security incidents, not just make short-term fixes of selected problems.

A security incident is the act of violating an explicit or implied security policy at a single site or across multiple organizations. An external security incident is one caused by an individual or group not part of the organizations that are violated. This paper discusses some of the effort required to deal with external security incidents on an organization's hosts (computers) and network. We look at both responsive actions to incidents and proactive actions to mitigate the risk of such incidents. Because of inherent weaknesses in many of the current network protocols and vulnerabilities in widely used software, external security incidents are inevitable to any organization with a connection to a wide-area public network, even a narrow and limited connection.

Download the paper in PDF format here.

Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //