Incident Response

Insights

Blog

The One Where The Car Inspection Expired Due To Malware

Joseph Blankenship 4 days ago
We kept our research associate Alexis pretty busy during the first three months of the year, and she procrastinated getting her annual car inspection in Massachusetts done. When she showed up to get her car inspected early last week (the day before her inspection sticker expired), the service center couldn’t do the inspection. She was […]
Read More
Blog

Mean Time Before CEO Scapegoats

Jeff Pollard March 1, 2021
A few months before I joined Forrester in 2015, I found a blog that introduced a new incident response (IR) metric written by @rickhholland: “Introducing A New Incident Response Metric: Mean Time Before CEO Apologizes (MTBCA).” Rick introduced this — not exactly tongue-in-cheek metric for IR – because the playbook was so familiar. Get breached, […]
Read More
Blog

Meet The New Analyst Covering SecOps: Allie Mellen

Allie Mellen February 16, 2021
Tell Us About You I have a background in computer engineering, and over the past 10 years I’ve been in engineering and consulting roles at organizations like MIT and a variety of startups. I live in New York City and love to read, do yoga, and learn new languages. In normal, non-pandemic times, I’m an avid traveler, though that has obviously […]
Read More
Blog

(Likely) First Cyberintrusion Into An American Water Treatment System

Brian Kime February 9, 2021
Yesterday, the city of Oldsmar, Florida conducted a press conference to disclose that an unknown person had remotely accessed the city’s water treatment system. The public was never in danger, since operators detected the breach quickly and reversed the changes made by the threat within moments. The change made to the system was “loud” — […]
Read More
Blog

Reflections On 2020: Cybersecurity Predictions Versus Reality

Heidi Shey February 8, 2021
You’re probably tired of hearing about 2021 cybersecurity predictions. This is something different. We’re taking a look back to what we predicted would happen in 2020 and grading our predictions. After all, why make predictions in the first place if we’re not going to reflect and assess ourselves afterward? When we make predictions, we aim to identify what is different that we think […]
Read More
Blog

Cybersecurity Lessons Learned From Snowmageddon

Brian Kime January 28, 2021
Social media reminded us that seven years ago, a mere two inches of snow in the middle of the day shut down Atlanta, our beloved city. It’s now affectionally referred to as Snowmageddon or Snowpocalypse. We both worked at competing security vendors then — Brian in the office at the Secureworks HQ in Sandy Springs (just […]
Read More