CSO Perspectives (Pro) 8.3.20
Ep 16 | 8.3.20

Incident response and cybersecurity first principles.

Show Notes

Incident response is a cybersecurity first principle strategy.

What happens when your organization has a cyber event? In this session, Rick goes deep on Incident Response and the first principle approach to building a powerful cross functional team. With the proven 4-step process and training recommendations for teams of any size, Rick’s first principle approach to Incident Response is simple, effective, and measurable. Have you wondered how successful organizations make unparalleled Incident Response teams? The Hash Table shares their lessons, strategies, and expert advice.

Cybersecurity professional development and continued education.

You will learn about: the 4 steps of incident response, training your incident response team, successes and failures, how industry leaders do incident response

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram

Additional first principles resources for your cybersecurity program.

For more incident response and cybersecurity first principles resources, check the topic essay.

Selected Reading:

  1. A Tour of the Worm,” by Donn Seeley, Department of Computer Science, University of Utah, February 1989.
  2. "Computer Security Incident Handling Guide: Special Publication 800-61 Revision 2,” by Paul Cichonski, Tom Millar, Tim Grance, and Karen Scarfone, NIST - National Institute of Standards and Technology, U.S. Department of Commerce, August 2012. 
  3. Framework for Improving Critical Infrastructure Cybersecurity,” National Institute of Standards and Technology, Version 1.1, 16 April 2018, Last visited 17 June 2020.
  4. Robert Tappan Morris – The Morris Worm,”Hackers, Crackers And Thieves: An Index Of Cyber Good Guys, Bad Guys, And Some In-Between.
  6. The Cornell Commission: On Morris and the Worm,” Communications of the ACM, June 1989.
  7. The Cuckoo's Egg,” Brian Lamb, Book Notes, C-SPAN, 3 December 1989.
  8. The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage,” by Clifford Stoll, Gallery Books, 1989.
  9. The Cybersecurity Canon: The Cuckoo’s Egg,” By Rick Howard, Cybersecurity Canon Project, 24 December 2013.
  10. The KGB, the Computer and Me,” by Robin Bates, WGBH, 3 October 1990.
  11. The Morris Worm: 30 Years Since First Major Attack on the Internet,” FBI, 2 November 2018.
  12. The OPM Breach: Timeline of a Hack,” by David Bisson, Tripwire, 29 June 2015.
  13. The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation,” Committee on Oversight and Government Reform U.S. House of Representatives 114th Congress, 7 September 2016.
  14. USIS contracts for federal background security checks won’t be renewed,” By Christian Davenport, Washington Post, 9 September 2014.
  15. USIS, security firm that backgrounded Snowden, also checked Navy Yard shooter,” By Michael Isikoff, NBCNews, 19 September 2013.