incident response

2 August 2019 at 3:44pm

Incident Statistics for March 2019

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
2 August 2019 at 3:32pm

Incident Statistics for February 2019

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
11 July 2019 at 10:21am

Things that Go Bump in the Night

Andrew Cormack
incident response
Internet of Things
#FirstCon19
Apparently Miranda Mowbray had been wanting to do a talk on "Things that Go Bump in the Night" for some time, and it made an excellent closing keynote for the 2019 FIRST conference in Edinburgh (recording now available on YouTube).
Read more
17 June 2019 at 5:38pm

Incident Response for Connected Hardware

Andrew Cormack
#FirstCon19
incident response
Intelligent Campus
An interesting talk from Rockwell at this year's FIRST conference looked at how to organise incident response in environments containing network-connected hardware devices. Though Rockwell's focus is on industrial machinery, the same ideas should apply to smart buildings and other places where a security incident can cause physical, not just digital, harm. This is not the only difference: connected hardware devices tend to be much more diverse than PCs, and they are expected to have much longer lifetimes.
Read more
18 April 2019 at 8:48am

Recital 49: More than a Safe Harbour

Andrew Cormack
Data Protection Regulation
incident response
In data protection circles, the phrase "Safe Harbour" doesn't have a great reputation. Wikipedia describes those as setting hard boundaries around an area where "a vaguer, overall standard" applies. Famously, in 2015, the European Court of Justice struck down the data protection Safe Harbor arrangement negotiated between the European Commission and the US Government.
Read more
14 February 2019 at 2:46pm

Incident Statistics for January 2019

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
14 February 2019 at 1:35pm

Incident Statistics for December 2018

James Cleeter
Janet CSIRT
incident response
incident statistics
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
28 January 2019 at 3:18pm

Attackers, CSIRTs, and Individual Rights

Andrew Cormack
incident response
Data Protection Regulation
Incident response teams often share information when investigating incidents. Some patterns may only become apparent when data from different networks are compared; other teams may have skills – such as analysing malware – to understand data in ways we cannot. Since much of this information includes IP or email addresses - information classed as Personal under data protection law - concerns have arisen that attackers might be able to use the law to frustrate this sharing.
Read more
20 December 2018 at 5:28pm

Incident Statistics for November 2018

James Cleeter
incident response
incident statistics
Janet CSIRT
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
20 December 2018 at 5:23pm

Incident Statistics for October 2018

James Cleeter
incident response
incident statistics
Janet CSIRT
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence. For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.
Read more
Subscribe to incident response