Cybersecurity has become one of the biggest threats to organizations over the last decade. Many experts – NTT Security included – have given good advice on how security teams can implement an effective information security program. Many organizations will have taken these concepts and put them to use, but the question is: how do you know that your implemented Security Operations Center (SOC) or Incident Response team is functioning as expected?
In reliability engineering, the widely used term ‘bathtub curve’ describes stress testing and failure rates. The term is derived from the cross section of a bathtub (steep sides and a flat bottom), and the model does a great job of showing how a standard security monitoring program functions over time.
As a regular contributor on incident response for Infosecurity Magazine, I was recently invited to talk about the bathtub curve in more detail. You can read the full article here.
Finally, for more insight on incident response, it’s well worth listening to this webinar on the cyber incident response checklist for the future, led by my colleague and Senior Incident Response Analyst, Terrence Lillard, and Hitachi Vantara’s Director of Cyber Security Operations, Dan Garlick.
The webinar offers valuable takeaways for security leaders, their teams and their partners on the incident response services to consider before a compromise or breach occurs, during an incident and after an incident. This is in addition to the six steps to incident response – detect, identify, contain, remediate, recovery, lessons learned – which security professionals are already well versed in.
The bottom line is that every week a new organization hits the news because it’s been breached and its customers’ data (or its own data) has been stolen. It’s therefore more important than ever for CISOs and their organizations to implement proactive and robust cyber incident response programs and capabilities. The bathtub curve and the incident response checklist are the place to start.