IT disaster recovery, cloud computing and information security news

Daisy

Collaboration between various state cyber agencies results in comprehensive technical guidance for incident response

A joint advisory has been issued which presents the result of a collaborative research effort by the cyber security authorities of Australia, Canada, New Zealand, the UK, and the US. It highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices.

Key points:

When addressing potential incidents and applying best practice incident response procedures:

First, collect and remove for further analysis:

  • Relevant artifacts,
  • Logs, and
  • Data.

Next, implement mitigation steps that avoid tipping off the adversary that their presence in the network has been discovered.

Finally, consider soliciting incident response support from a third-party IT security organization to:

  • Provide subject matter expertise and technical support to the incident response,
  • Ensure that the actor is eradicated from the network, and
  • Avoid residual issues that could result in follow-up compromises once the incident is closed.

Read ‘Technical Approaches to Uncovering and Remediating Malicious Activity’ (PDF).



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.