PaulDotCom mailing list archives
Re: Situational Awareness
From: Adrien de Beaupre <adriendb () gmail com>
Date: Wed, 4 May 2011 19:00:11 -0400
Hi Bruce,

the talk was based on the following references:

ISO17799:2005 Code of Practice for Information Security Management
ISO18044 Information Security Incident Management
ISO20000-2 Information Technology - Service Management Part 2
SANS Computer Security Incident Handling Guide
RFC2350 Expectations for Computer Security Incident Response
NIST SP800-61 Computer Security Incident Handling Guide
NIST SP800-53 Recommended Security Controls for Federal Information Systems
NIST SP800-3 Establish and Incident Response Capability
CERT-CC CMU/SEI-98-HB-001 Handbook for Computer Security Incident Response Teams
COBIT 4.0
... others as required (PCI-DSS, SoX, HIPAA, ...)

Talk all of the relevant controls or requirements, matrix, and prioritize them.

Best advice I ever heard with regards to situational awareness: get all of the information you can, triage and evaluate as much as possible, and pay attention.

Cheers,
Adrien

On Mon, May 2, 2011 at 12:50 PM, Bruce Barnett <grymoire () gmail com> wrote:
Thanks, Adrien. Some of our industrial customers are looking for advice and "Best Practices." This will be helpful.

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Current thread:
- Situational Awareness Bruce Barnett (Apr 29)
- Re: Situational Awareness Adrien de Beaupre (Apr 29)
- Re: Situational Awareness Bruce Barnett (May 02)
- Re: Situational Awareness Adrien de Beaupre (May 04)
- Re: Situational Awareness Bruce Barnett (May 02)
- Re: Situational Awareness Adrien de Beaupre (Apr 29)