Drazen Drazic recently addressed the notion of incident response in the security industry through a rather animated, yet typical, scenario. What happens after a security breach, and how people respond, is something executive teams mostly try to keep under wraps, after they try to place blame and then avoid the media at all costs. Drazic goes on to voice his concern that the security industry must remain vocal and continue to push for change since, after all, no one else out there knows the extent of just how bad things really are in security these days.
Here is an extract from the CSO Magazine article:
“It will take a massive incident for our company to wake up to itself!” How often do you hear that in the information security industry? All the time — so what generally happens when things go horribly wrong after the “incident” occurs?
To read more and see how the scenario typically plays out, visit: http://www.cso.com.au/blog/cso-bloggers/2012/02/01/reloaded-paying-lip-service-incident-response/