After a meeting at RSA 2014, Security editor Diane Ritchey spoke with Co3 Systems’ Chief Technology Officer Bruce Schneier to discuss incident response in cybersecurity and how Co3’s Security  Module automates security incident response to streamline incident entry and assessment, automate response plan creation and management, and to provide customizable dashboards and reporting.


What does Co3 systems offer to CSOs who are just learning how to work on cyber business-related issues?

“In the wake of highly public security breaches like Target Corporation, more companies are making incident response (IR) a top priority.  Co3 provides an integrated platform for incident response that allows CSOs to perform like a much bigger and more experienced team.  It allows them to coordinate all aspects of a response: what's going on in the network, what information is available from threat intelligence feeds, what the regulations are, what the best practices are, and how to ensure that everything is getting done quickly and effectively.  Plus, reporting to demonstrate to the rest of management that the IR plans are working.”


Why is incident response "a long-neglected area of IT security," as you have said, when the cost and impact of data breaches continues to increase?

“Incident response has always been important, but it's generally been ad hoc.  Companies focused on protection and detection, and assumed that response would just happen.  What we're learning now is that this isn't good enough, and we need tools to assist IR teams in doing their jobs.”


How does Co3 Systems' solutions make incident response compliant?

“Compliant to everything.  The problem is that there are simply too many regulations that a CSO needs to keep track of.  The Co3 platform is backed by a knowledge base of incident response best practices – NIST, CERT and SANS – and global privacy breach disclosure regulations: regional, federal, state and trade.  Customers can easily add their own standard operating procedures and third party contractual requirements as well.  Taken together, Co3 ensures that a company's response is compliant with all of it – and can document their compliance if they have to.”

Learn more at