The processes of response on computer security incidents
One of the key responsibilities of company management in mitigating risk is deploying a process for responding to computer security incidents. An organization's ability to respond effectively to an incident depends on the quality of its preparation for all possible events that could adversely affect the enterprise's information assets.
For incidents involving critical information assets, handling must be based on comprehensive, accurate analysis and a prudent response. Preparation for incident response must therefore be based on thorough resource planning and, above all, on response procedures that are deployed and tested early. Implementation of the incident handling process should be derived from a correct understanding of the entire incident life cycle, from its inception to its closure and the subsequent lessons learned.
In organizations with more complex systems, it is highly recommended to establish in advance, and to continuously train, a dedicated team whose task is to respond properly to identified incidents. That team will be able to take timely countermeasures to ensure the proper collection of evidence for further investigation of the incident and any criminal implications. The presentation describes the life cycle of an incident and the activities that make up the incident resolution process, and briefly summarizes the essential prerequisites for founding a computer emergency response team, which could potentially be provided as an outsourced service.
Ivan Makatura
A member of the IBM Security Services team in the role of Senior Security Consultant, focused on Information & Cyber Security, Regulatory, and Personal Data Protection Risk & Compliance management. Ivan is a skilled security manager with more than thirteen years of experience as Chief Security Officer in banks, with broad knowledge of IT, specializing in Information Security Management Systems, IT Service Management Systems and IT Risk Management processes.
Ivan is a judicial expert in the field of Security and protection of information systems, licensed by the Slovak Ministry of Justice. He also acts as a certified information security auditor and vice-chairman of the Slovak Information Security Association.
He graduated from the Technical University of Košice, Faculty of Electrical Engineering and Informatics, where he studied Computer Science, and graduated from the same school in Applied Informatics. Later he completed a postgraduate degree in Judicial Expertise and Forensic Engineering at the Slovak University of Technology in Bratislava. He is currently working on his doctoral studies, with a dissertation thesis on Network Intrusion Detection Systems.
He holds a few professional certifications: Certified in Risk and Information Systems Control (CRISC, ISACA), Management of Risk (M_o_R, APMG), ITIL v3 and Cisco Certified Network Associate (CCNA).