When was the last time your agency updated its cybersecurity incident response plan? Early 2020, as your employees were moving to more telework? Better check a copy of that plan today. With all the ...

It’s time to update your incident response policies. Typically, an incident response plan lays out a process of identification, containment, investigation, attribution, remediation and communication.

It doesn't matter how large your organization is, you are at risk and sooner or later cyber criminals will try to attack you. It’s not a matter of whether your organization will face a security ...

K12 Security Information Exchange today released a free Cyber Incident Response Runbook for U.S. public schools, a fill-in-the-blank style guide created specifically to help K–12 school leaders build ...

Cyber security incidents have transitioned from potential risks to operational certainties. The constant noise of attempted cyber intrusions, security lapses and IT service events requires all ...

The threat landscape is complex, and the tactics used by threat actors are constantly evolving. In this never-ending game of cat and mouse, it seems no matter what cybersecurity advancements the good ...

Part of the challenge is demonstrated in the question here. Our legacy thinking may lead us into thinking about incident response in a perimeter-focused way; preparing for an attack does not take into ...

His framework centers on five incident types most likely to impact K–12: ransomware attacks, social engineering, data ...

Karen Scarfone is the principal consultant for Scarfone Cybersecurity. She provides cybersecurity publication consulting services to organizations and was formerly a senior computer scientist for the ...

Cyberattacks are inevitable in the interconnected digital world. This unsettling truth has been propelled by the exponential growth of the cybercrime-as-a-service model, which lowers the barrier to ...