Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs?  Enter the NIST Framework category titled Mitigation.

Albert Einstein once observed, “Not everything that can be counted counts, and not everything that counts can be counted.”

Cybersecurity is out of control. Literally. 

A significant part of incident response involves communication.

We find ourselves in the middle of football season as we tackle the NIST Cybersecurity Framework’s “Respond” function.

It takes months for most computer intrusion victims to learn they were breached.  Unfortunately, the hackers get busy much sooner, often stealing data within days if not minutes.

To quote Shakespeare, “What’s in a name?”

This article is the twelfth in our ongoing series exploring the NIST Cybersecurity Framework. 

Network security practitioners often look to solve technical problems with technical solutions: “The engineers got us into this mess; they can get us out of it.”

When students and staff at the Coast Guard Academy needed their laptops and mobile phones repaired, they called Larry Mathews. For over a decade, Mathews owned the local computer repair shop. Then he pleaded guilty to computer intrusion.