Category


Latest Blogs

All Blogs »

February 9, 2017 | Incident Response Planning
By Ondrej Krehel, IANS Faculty

 Getting the Most from Your Incident Response Engagement

The actions taken after an incident can either lead to improving your security posture and building trust with your customers – or not. In this report, IANS Faculty Ondrej Krehel details ways to ensure the findings uncovered during your incident response (IR) engagements are fully internalized and integrated into your processes and business continuity plans going forward. 

Read More »


January 12, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


October 4, 2016 | Data Breaches
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q3 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


August 15, 2016 | Incident Response Planning
By Bill Dean, IANS Faculty

 Creating Effective Tabletop Exercises

Designed correctly, tabletop exercises can help you determine how well your people, processes and technologies are prepared for an incident – and improve that preparation over time. In this report, IANS Faculty Bill Dean steps you through the process of designing, planning and executing effective tabletop exercises. 

Read More »


July 7, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q2 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective. 

Read More »


June 17, 2016 | Incident Investigations, Handling and Tracking
By Jason Gillam, IANS Faculty

 Choosing a Vendor For Phishing Awareness Training

Phishing awareness training represents a rapidly growing market within the information security services space. In this Ask-an-Expert written response, IANS Faculty Jason Gillam offers tips for identifying which phishing awareness vendors organizations should avoid and which risks to consider when ultimately making the decision, including security of the vendor, cost and value provided.

Read More »


June 10, 2016 | Incident Response Planning
By Ken Van Wyk, IANS Faculty

 Keeping it Real: Tips for Turbocharging Your Incident Response Prep

Well-rounded incident-response processes can greatly reduce operational disruptions resulting from security incidents. But incident-response protocols are only as good as the people, processes and tools involved. In this webinar, IANS Faculty Ken van Wyk shows you how to get your security teams in shape to defend the organization through relevant, real-world incident-response exercises.

Read More »


May 26, 2016 | IT Forensics
By Bill Dean, IANS Faculty

 Mobile Device Forensics: A Tools Overview

Mobile device forensics tools in the marketplace today vary greatly in both capability and price. In this Ask-an-Expert written response, IANS Faculty Bill Dean assesses a number of these solutions and explains that budget and the types of mobile phones in your environment are the two main factors for selecting the right forensics tool.

Read More »


April 1, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


January 13, 2016 | Incident Investigations, Handling and Tracking
By Adam Ely, IANS Faculty

 Tracking Stolen Data on the Dark Web

No one wants their sensitive data posted to the web for all to see, nevermind find it up for sale on the dark web. In this Ask-an-Expert live interaction, IANS Faculty Adam Ely details ways security organizations can both find stolen data posted to the dark web and ensure its quickly suppressed - before clients or the media find out.

Read More »


January 5, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2015

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


December 30, 2015 | Cybersecurity Insurance
By Adam Ely, IANS Faculty

 Cyber-Insurance: Are You in Good Hands?

How important is cyber-insurance, how do you know if you need it and where is the industry headed? In this report, IANS Faculty Adam Ely details the latest options/models and helps you decide which coverage, if any, is right for your business.

Read More »


November 16, 2015 | IT Forensics
By Aaron Turner, IANS Faculty

 Evaluating E-Discovery Tools

Electronic discovery can be a complex challenge for organizations to tackle, particularly when it comes to mobile and cloud data collection and preservation. In this Ask-an-Expert written response, IANS Faculty Aaron Turner identifies key vendors in the e-discovery space and recommends organizations take an approach that blends these solutions with existing legacy tools and internal preservation capabilities for emerging technologies such as the cloud and mobile devices.

Read More »


November 5, 2015 | Incident Response Planning
By Marty Gomberg, IANS Faculty

 Out-of-Band Communication Best Practices

When the corporate network goes down and panic sets in, it's critical to have a sound business continuity plan in place. In this Ask-an-Expert written response, IANS Faculty Martin Gomberg offers a checklist for how to prepare for a crisis situation and details some of the tools, techniques and processes that can help support incident response communication, specifically for business continuity.

Read More »


October 30, 2015 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q3 2015

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


September 3, 2015 | Incident Investigations, Handling and Tracking
By John Strand, IANS Faculty

 Understanding Breach Disclosure Obligations

One of the big questions organizations face in the immediate aftermath of a breach is whether or not to inform law enforcement. In this Ask-an-Expert written response, IANS Faculty John Strand details various scenarios in which law enforcement should always be notified, including if threats are made or if the breach could substantially impact third parties.

Read More »


August 11, 2015 | Incident Response Planning
By Marcus Ranum, IANS Faculty

 Challenging Your Incident Response Process

It's one thing to have an incident response plan in place, but how do you know if it will be effective when a crisis hits? In this Ask-an-Expert written response, IANS Faculty Marcus Ranum offers recommendations for maturing an incident response program, from creating a scoring sheet to assess the criticality of the incident to constantly updating the process based on scenarios that arise.

Read More »


May 21, 2015 | IT Forensics
By Bill Dean, IANS Faculty

 Attaining the Forensics Program Gold Standard

Improve Visibility: With new high-profile breaches being announced seemingly every week, it's becoming increasingly imperative for companies to have strong incident response and forensics programs in place. In this report, IANS Faculty Bill Dean breaks down the key components to achieving the gold standard in forensics programs, from determining the scope to building the team.

Read More »


May 8, 2015 | Incident Response Planning
By Michael Pinch, IANS Faculty

 So You've Implemented SIEM… Now What?

Improve Visibility: Many organizations are implementing security information and event management (SIEM) solutions to help uncover new incidents, but they're falling short when it comes to incident response. In this report, IANS Faculty Michael Pinch examines the challenge of SIEM-generated incident response and outlines the key characteristics of the various toolsets available to help overcome this issue.

Read More »