News & Thoughts from the Axenic Team
....to help everyday people be safer online.
Do you want to join the best small team in Wellington? Do you have a great project management or coordination and service delivery background?
Axenic is currently looking for an Engagement Manager to join our growing team. This role will be the project interface between our consulting team and our clients. You will be responsible for managing multiple ongoing projects, ensuring our consultants have everything that they need to be successful and making sure that our clients continue to receive the outstanding service that Axenic is well known for. If this sounds like you, please head over to http://bit.ly/AxenicEM to apply for the role. We look forward to hearing from you.
Terry
This is the fourth article in a series that aim to help organisations build and maintain their information security incident management and response capability.
In the previous article I provided a bird’s eye view of the standard incident handling process. As noted previously, the incident handling process is triggered either by detecting or reporting security events. A number of security professionals believe that detecting an incident means looking for failure logs such as failed login, failed resource access etc.
Happy New Year! During the Christmas break we moved to our new office. We are still in the same building, 187 Featherston Street, but are now located on the 4th floor.
This is the third article in a series that aims to help organisations build and maintain their information security incident management and response capability.
Before getting “into the weeds” of an incident handling process, it is useful to have a bird’s eye view of what it looks like. In this article I will provide you with an overview of the process and a brief description of each of the process steps. While incident handling is widely perceived to be a technical process, only some of its steps require technical knowledge. In reality, a lot of incidents do not require any technical knowledge to handle them. For example, incidents that relate to policy violations, physical security breaches, loss of computing devices, etc.
This is the second article in a series that aim to help organisations build and maintain their information security incident management and response capability.
In the previous article I introduced the issue of the general deficiency of effective incident management and response processes in many organisations. But what is a security incident? The short answer is: it depends! It is up to each organisation to define what kinds of events it determines to be a security incident.