Crisis Management and Incident Management: Indeed There is a Difference!

Avoid employee fear with a Crisis Management Plan

Yes! In times of crisis people are fearful, hesitant, and worried for their overall safety and the ways in which the company will be affected.  As an employer you have to acknowledge and consider this to sustain that much loved loyalty of your wonderful staff! Crisis Management differs from Incident Response as it is the approach to dealing with the people and not simply saving the investment.  Crisis management entails hiring a spokesperson, communicating continuously with all who have been subjected to it, planning ahead for the job of communicating effectively, making updates as early as possible, and making a Crisis Management plan ahead of time. 

Many people overlook the importance of this approach but remember if there is no one in place to encourage people affected in times of crisis then it may have an effect on just how great your incident response plan will play out. Crisis management aids in recovery by providing the encouragement and comfort of employees to go forth and complete assigned tasks and duties.  Crisis management is the interactional component that deals with people that are both internal and external to an organization.


My Mom took her First Cybersecurity Test!

Hello All, it’s time again to spread the cheer and knowledge on our cozy cybersecurity corner!

So, of course we know that some professions incorporate cybersecurity into their workday daily and consistently. These professions include banking, tax prep, accounting, health care, insurance, and many others. And then there are those professions that still barely have consistent ways of identifying the cybersecurity concepts in their workday. Professions such as education and recreation tend to feel as though they are excluded from the “cybersecurity bug”. Well, you would be surprised to know that DCPS (DC Public School Systems), one of my former employers, has now FINALLY incorporated a mandatory pre-requisite of cybersecurity basics for all new hires and current employees.

So, my mom always converses with me about my cybersecurity field but she really never had a clear glimpse of what I was studying. Oh, if I dared to break down the scope of it this would be a 2-hour long conversation. Well people, as we incorporate more and more technology into our workday, we will find it an asset to work for companies that take the time to incorporate some sort of cybersecurity training into their security plans. I guess my mom, like many other educational professionals, says “well what’s the worst that could happen, it’s just grades and attendance for kids”…. Hmph!!… Didn’t Donald Trump just threaten a school system against releasing his grades? Could a great Security plan possibly have prevented the wrong person from having contact with POTUS 45’s grades? Yep, are you now understanding where I am going with this?

You got it! Personally Identifiable Information (PII) of any sort is valuable. Ok, so yes bank accounts and taxes are more important than grades and attendance. But are they really? Grades and attendance speak of your character and your commitment to your education later in life. But many people don’t realize that. Anyway, my point is that my mom, a fellow educator of well over 30 years in the public school system, took her first Cybersecurity test online as a rehiring prerequisite. I peeked in on her taking it as she groaned of intimidation. I simply explained to her that a lot of it was critical thinking and common sense. She refocused her mindset and came out with a shiny 90%!!!

So very proud of her.  When will you be challenged with a basic cybersecurity test?  Hope you’re ready!

Baselining is never enough… reach further for an Incident Response Plan 👍!

Prior to a cyberattack management should take actions to efficiently prepare for an attack.  The steps in planning have to be specified to suit the needs of the company based on company assets.  Of course, a company should always complete baseline auditing to ensure compliance but that should never be considered enough to secure a system before an attack.  The baseline audit will ensure that all components are in compliance with standards but it does nothing for securing a system or mitigating it during an attack.  

A great management team would have first specified all assets owned by the company.  This means that the components of the infrastructure should be documented.  It also may mean the company recognizes how much data they have for clients.  This can be considered an asset as well.  There are many possible assets within a company but those are just two examples.  Understanding the assets in a company will prepare us to further understand what is the best possible solution for securing these assets to further prepare in times of attack.

After assets are recognized and recorded the formulation of a risk management plan would be a great move. This means that the company will take the assets and prioritize the security needs of each based on which are most viable to a company and can cause the most damage.  This mode of prioritizing will also influence management to understand which systems are critical and which may even be an actual target.  

Management would also need to create an IRP (incident response plan).  An incident response plan is a very practical plan.  It is often viewed as an action plan.  Listed below are actions that need to be implemented when creating an IRP.

  • Recognize how a breach was able to occur and exactly when it occurred.  

  • Be able to identify any systems that have been affected or compromised. 

  • Be able to describe what attackers may have adjusted or stolen.

  • Plan how to effectively contain the situation.

  • Investigate other competitor breaches and their happenings to understand the motive of the adversary.

  • Document all findings to help prepare for upcoming incidents.

Good luck!

The 3 Supreme Benefits of VLAN

What I have gathered from a VLAN (Virtual Local Area Network) is that it is capable of providing “segregation between logical work groups that may or may not be in physical proximity to each other” (Leischner, 2007). Operating within an organization is important. Placing departments on a switch to operate alongside each other in private networks suiting their needs is crucial for infrastructure security. “One of the most popular features today’s switches incorporate is virtual area network (VLAN) support” (Partsenidis, 2016). Aligned with this system, the switch eliminates the need for routers. The setup of VLAN is quite simple if we simply consider the switch that is used to segment some from others. This is done with the use of MAC addresses and it takes place on Layer 2 of the OSI model.
I noted the 3 benefits of VLAN, on which I would like to expand: 

FLEXIBILITY
The first benefit of VLANs is their flexibility. Within VLAN environments hosts are able to be moved from one designated VLAN to another. This is made possible through the use of software. If this flexibility were not incorporated into our network activity, system administrators would need to rewire data links and even relocate nodes. In fact, “by allowing virtual machines to move across physical servers in the same VLAN, administrators can keep tabs on the virtual machines and manage them more efficiently” (Hom, 2016). Administrators are able to watch the activity of physical servers on the VLAN and manage them properly.
SCALABILITY
Scalability fosters the needs of systems that grow in size.  In my own experience I have seen this approach practiced when segmenting the LAN into departments through a VLAN.  Most of the time companies need a concrete way to service workstations and as the company grows, the number of employees grows, along with workstations and company needs.  VLANs help to allocate resources (for change in size) and provide what is necessary to different departments.  
SECURITY
As emphasized within the module, it is so important for system administrators to be able to withhold sensitive data from those who are outside of the broadcast domain and are not authenticated. Security is one major reason that many choose to place their workstations onto VLANs. VLANs provide security by limiting “the ability for any device to hear anything on other VLANs” (Olen, 2013). In more simple terms, its isolation provides security. Each VLAN works as a separate isolated network on the router.
As I expanded on the 3 supreme benefits of VLANs, I wanted to share also that common reasons that VLANs are implemented are load balancing, better management of workstations, tighter security, and allocation of bandwidth.  The greatest challenge for security professionals who set up VLANs is placing only those who need the resource onto the VLAN.  One wrong move could throw an entire system off that contains extremely sensitive data.  Consider VLAN implementation within your company today!
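
The isolation and membership points above can be made concrete with a small model. This is an added example, not part of the original post: it assumes port-based access VLANs, and the class, function, host names and port table are hypothetical and constructed for illustration. It shows that a broadcast is flooded only inside the sender's VLAN, that a host is moved between VLANs in software, and how to audit that only approved hosts sit on a sensitive VLAN.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    """Minimal model of a layer-2 switch with access ports (one VLAN per port)."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)      # port -> VLAN ID
        self.mac_table = defaultdict(dict)    # VLAN ID -> {MAC: port}

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is forwarded to."""
        vlan = self.port_vlan[in_port]
        self.mac_table[vlan][src_mac] = in_port   # learn the source per VLAN
        known = self.mac_table[vlan].get(dst_mac)
        if dst_mac != BROADCAST and known is not None:
            return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood, but never outside the VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

    def move_port(self, port, new_vlan):
        """Software-only reassignment of a port; no rewiring involved."""
        old = self.port_vlan[port]
        self.port_vlan[port] = new_vlan
        # Forget addresses learned for this port on its old VLAN.
        self.mac_table[old] = {m: p for m, p in self.mac_table[old].items()
                               if p != port}

def audit_membership(port_vlan, port_owner, approved):
    """Flag ports whose host is not approved for the VLAN it sits on."""
    return sorted((port, vlan, port_owner[port])
                  for port, vlan in port_vlan.items()
                  if port_owner[port] not in approved.get(vlan, set()))

# Constructed sample data: VLAN 10 = finance, VLAN 20 = teachers.
PORT_VLAN = {1: 10, 2: 10, 3: 20, 4: 20, 5: 10}
PORT_OWNER = {1: "fin-ws1", 2: "fin-ws2", 3: "teach-ws1",
              4: "teach-ws2", 5: "teach-ws3"}
APPROVED = {10: {"fin-ws1", "fin-ws2"},
            20: {"teach-ws1", "teach-ws2", "teach-ws3"}}

if __name__ == "__main__":
    sw = VlanSwitch(PORT_VLAN)
    print("broadcast from port 1 reaches:", sw.receive(1, "aa:aa:aa:aa:aa:01", BROADCAST))
    print("misplaced hosts:", audit_membership(sw.port_vlan, PORT_OWNER, APPROVED))
    sw.move_port(5, 20)
    print("after move:", audit_membership(sw.port_vlan, PORT_OWNER, APPROVED))
```
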

Breaking Down the Evolutionary Change: The Internet as a By-Product of Business.

Any business that incorporates the Internet and its usage into their company and their visions will be well-prepared and those that fail to make this adjustment are considered well, doomed. The Internet is viewed as a global revolutionary change because of its ability to incorporate business-to-consumer electronic commerce. This enables businesses to profit online (e-commerce). It enables a business to mitigate costs possibly and to operate efficiently if the company is able to design a marketing plan, be proficient in it and supply that (via the internet) which is demanded.

However, “EC goes beyond consumers merely buying and selling products online. EC can involve the events leading up to the purchase of a product as well as other customer service after the sale. EC is also used to conduct business with business partners such as suppliers and intermediaries” (Schneider, 2014). For the consumer, “buying goods and services online saves time, offer greater selection, allows for independent research and often saves the consumer money” (Roos, 2016).

The Internet has supplied us a global revolution by offering high-speed, on-demand service as well as providing an array of products for shopping, which is a very noted convenience. Consumers no longer need to make time to physically be present in the store to make a purchase. This allows for better time management for the customer and the ability to think through many purchases. Businesses that incorporate the internet as a by-product understand that this brings one of the many streams of their profits, if not the largest stream of profits.

“But as more people shop, more criminals prey on them, setting up new e-commerce challenges” (Gilbert, 2004). So, the need for consumers to shop so much online brings about a terrible impact when a company doesn’t have the ability to properly secure the internet. This global evolution has also sprung forth consumers’ likelihood to fall prey to many hackers, malware, and other vulnerabilities available.

Each time a consumer chooses to spend money on a website their information may be stored with the correct authorization/permission, and receiving periodic mailings from companies seems legit. However, what happens when that which is received is not legit? Have consumers educated themselves enough about the internet to be comfortable placing their PII online? Do they understand the true risk imposed for doing this?

If you are planning or operating a business in this day and age it is essential that you understand very well how online security works. Seek the help of Cybersecurity Specialists and respect the industry for the sake of your clients.

Moving Digital Forensics Beyond Reasonable Doubt!


The wide range of digital devices and extraction processes [within digital forensics] yields a commensurate potential for recoverable evidence within the criminal justice system. I begin with this expression because while researching Digital Evidence and Computer Crime, I read that “digital evidence can be used to reconstruct a crime scene or incident, identify suspects, apprehend the guilty, defend the innocent, and understand criminal motivations”, which heightened my awareness of the abilities of forensics. I wallowed in fictional and fabricated short stories and novels of investigation. I immersed myself consistently into TV dramas of criminal justice. However, what I see all too often is a lack of cohesion in the digital forensic world as detectives and CFS’ sort through evidence trying to avoid loopholes.

As a result of my readings I have arrived at the notion that multiple court trials that use multiple approaches for evaluation of evidence do have the potential to create environments of confusion. The field of digital forensics does not currently have mathematics or statistics to evaluate levels of certainty associated with digital evidence (Casey). This pertains to the fact that there is no set procedure available across the board used for evaluating evidence in the field of digital forensics. There are no generalized approaches or consistent studies that would generate statistics. This creates inconsistencies that result in unreliability. Any evidence that is perceived as unreliable creates a reasonable doubt when placed before a judge and a jury.

It is therefore my opinion that the weakness in the digital forensics industry lies in the inability to predict by using consistency that in turn creates statistics. To satisfy these lapses, each and every case should be assessed individually incorporating a generalized approach. Beyond reasonable doubt is the highest standard of proof that must be met in any trial and if digital forensics could generalize its approach to surpass this standard then the industry will achieve a milestone, and digital forensics shall be viewed as an industry much more respected and appreciated.

-Dominique Briscoe, M.S.C.T