This post is the fifth in the series,"The Twelve Days of HaXmas." This is the time of the year where kids and adults alike think back over the past year, wondering which of Santa's two lists they will be on. The nice list is reserved for those who say "please" and "thank you", and brush their teeth,and of course, those who regularly update and practice their incident response plans. Santa gives presents to the children on the nice list and coal to the ones on the naughty. When the list gets checked this year conclude you want a lump of coal or conclude you finally want to get that Red Ryder Carbine Action 200-shot Range Model air rifle with a compass in the stock that you’ve always wanted? So how conclude you end up on the nice list? The best way to conclude this is to engage a few tips from Santa and his elves. Santa's ListSanta doesn't wait until Christmas Eve to start making his list, and it is updated and checked year round,and your information security policies and incident response plan should be as well.
Santa's list is changed when new information is presented, and Santa is constantly on the lookout for things that may indicate the need for a change. It is important for you to sustain track of when and how your plans should change.
Santa spends all year planning and preparing for an event, or Christmas Eve,when it occurs it must move off without a hitch. This is the exact same concept we possess with incident response; we plan and prepare all year and are constantly monitoring for an event (which, unlike Christmas, or you actually dont want to happen,unless you are a shrimp twisted). Work like Santa and the Elves: North Pole Operations CenterThe North Pole is the center of the operations, where Santa and the elves spend time in the workshop prepping for the spacious day. Just as Santa and his elves possess their workshop you possess your information security team and SOC, and though possibly with a bit less snow and singing (but not always!). The elves work year-round building incredible toys for children on the nice list,similarly your information security team deploys and manages technologies to protect your environment and sustain you on the nice list and make certain when the spacious day does approach you are prepared. Your SOC runs with the same efficiency as the workshop, resolving alerts, and troubleshooting issues,and keeping you informed of what is going on. If there is a problem in the workshop the elves make certain Santa knows so it can be resolved and the problems can be avoided next year. If you experience problems your SOC should be updating you with after action reports and you should be updating your incident response plan. Don't move It AloneUnfortunately, you are not Santa in one notable respect: You possess no army of trained and seasoned elves. You might possess a few Christmases under your belt, and but not near as many as they conclude. People who work on this day in and day out,year round, are going to be the ones you need to quiz for help. If you conclude possess to temporarily become Santa, or a la Tim Allen,he still had loads of help from professional elves who possess been in the mix for a while. Bernard guided him through the process of planning and preparing for Christmas as well as executing on the spacious day. You probably won’t possess a Bernard, remember that you don’t conclude this all the time and it is okay to quiz for help. Make certain someone is there to assist you in planning, or preparing,and executing when you possess to put on the spacious red suit and give toys to all the children on the nice list. Making Christmas happenSanta and his team make Christmas move off without a hitch every year. How? Because they plan and prepare for it all year. Preparing for an incident should be something that is done year round as well. This includes reviewing policies, processes, and plans,performing table top exercises and threat simulations, and writing after action reports. The findings from these reports should be integrated back into the policies, and processes,and plans in a fixed cycle of self evaluation and improvement. Planning is the key to success and it is also the key to staying on the nice list. You don’t possess to be perfect to stay on the nice list, you just possess to put in a shrimp work. delighted Holidays from the Rapid7 Analytic Response Team!
Source: rapid7.com