https://www.asisonline.org/security-management-magazine/monthly-issues/security-technology/archive/2022/october/Your-Cyber-Response-Plan-Needs-These-6-Components/ Cybersecurity incidents are no longer a matter of if, but when. Building a good strategy and architecture to deter intrusions is incredibly important in reducing the frequency and severity of incidents, but there is no scenario where any organization is totally immune. That means that every organization must have a plan for what they… Read More ASIS Article – Preparing for OT Incident Response
With the surplus of ransomware attacks consistently increasing, I have unfortunately witnessed another increase – in shoddy and predatory cybersecurity incident response firms with good SEO taking advantage of victims. In some cases this may be opportunistic, and in others simply a side effect of the shortage of senior and principal level incident responders in… Read More Reasonable IR Team Expectations
Lesley, I am having the hardest time getting my foot in the door in an investigative role. I have spent almost 4 years at the same job, in the same role, and cannot find a way to transition out of the operations side of the house. I went into operations with the intent of doing… Read More Ask Lesley: From Ops to DFIR, a Tough Transition
I had a discussion today with a particular charming infosec pop star about what differentiates ‘DFIR‘ from other infosec job roles and how it relates to them. This is a question I get asked a lot by ladies and gents interested in making a jump into information security careers, so let’s have a brief discussion… Read More What is ‘DFIR’? And how do ‘Digital Forensics’ roles vary?
. I tweeted these out of frustration quite some time ago and I’ve since been repeatedly asked for a blog post condensing and elaborating on them. So, without further ado, here are Lesley’s Rules of SOC, in their unabridged form.… Read More Lesley’s Rules of SOC