Avoiding some of these common mistakes ensures your organization’s plan will be updated faster and is more thorough, so you are ready to act when, not if, an incident happens.
Why logging is one of the most overlooked aspects of incident response, and how Cisco Talos IR can help
As the adoption of digital technologies increases, the volume of log data grows, which makes it challenging for cybersecurity teams to identify which logs are most valuable when investigating and analyzing threats.
A healthcare company recently detected a potential Qakbot infection early, and with the help of the Talos IR team, evicted the threat actor from their network quickly before any harm could come to the organization or its customers.
Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical
Ransomware was the second most-observed threat this quarter, accounting for 17 percent of engagements, a slight increase from last quarter’s 10 percent.
A Purple Team exercise is a collaborative approach between offensive (Red) teams and defensive (Blue) teams.
Developing a robust cybersecurity practice involves implementing multiple layers of security measures that are interconnected and continually monitored, including training and awareness programs to ensure that employees follow best practices.
In 45 percent of engagements, attackers exploited public-facing applications to establish initial access, a significant increase from 15 percent the previous quarter.
Researcher Spotlight: Giannis Tziakouris first learned how to fix his family’s PC, and now he’s fixing networks all over the globe
As a senior incident responder, Giannis helps Cisco Talos Incident Response customers secure and respond to security incidents across the world.
Whether it be threat hunting, an active defense posture or just improving security instrumentation alerts and logs an organization keeps, it’s best for every user — no matter the size — to be prepared for when a cybersecurity incident or breach occurs.