Skip to main content

Grand List of Incident Management Frameworks

Forming a Computer Security Incident Response Team (CSIRT) is a complicated affair. It involves a certain combination of staff, processes and technologies.

Luckily, numerous incident management frameworks are available for the rescue. They all aim to provide a structured approach for establishing incident response teams in your organisation.

This post provides a general overview of the most popular incident management frameworks.

Read More

Risk-Driven Incident Response

Psst! Do you wanna protect your company from security incidents?

But what you have is hundreds of apps, your infrastructure looks like a bowl of spaghetti and the company is short on resources? Don’t worry, it’s doable with careful planning!

This risk-based incident response framework lets you target the most critical things at your organisation. Keep on reading and your incident response team will operate as a powerful sniper rifle, rather than a clunky shotgun.

Read More

5 Tips on Writing Security Policies

Even pure technologists have to write security policies in an enterprise environment. As a subject matter on something, technology experts might be asked to contribute to the Software Development or the Internet Acceptable Use policies.

However this leads to policies that nobody reads. Copy-and-paste texts, dry language and 60-page long documents. Rings a bell, anyone?

In the following post I reveal a few tricks up my sleeves for writing simple, crystal-clear and straightforward security policies.

Read More