PaulDotCom mailing list archives
Information Security incident management
From: "marck e." <marck.ernest () gmail com>
Date: Thu, 22 Mar 2012 08:17:01 -0500
Hi Since a couple of months ago , our IT Dept is assessing our incident response procedures and incident management software. Currently, Incidents of any kind including some information security incidents (low risk) are being registered on our incident management solution. However some of these incidents involve details that we shouldn't necessarily share with other IT Departments such software developing. Needless to say,our current solution doesn't have a feature to deal with this problem and cuttings on IT budget means we won't afford replacing current incident management solution This has brought to discussion if IT Security Incidents are "another" kind of incidents and if IT Sec Office should have another incident management software.We've been checking open source solutions and this could be viable. Although standards such ITIL indicates IT Dpt should have one and only incident response procedure , sometimes reality makes us reconsider this.Some reasons we have poundered on: Why security incident reports bypass IT Helpdesk: Confidentiality of the details of the incident: 90% of the security information incidents are NOT reported through helpdesk.These incidents are reported by IT Sec Office, IT Operations or any other organization department threatened or affected by the incident directly to IT Director or IT Sec Office.Details of the incidents are not registered on the incident management software but on a separate repository (folders) by IT Sec Dpt which is not the best solution, I know. Time Response: When registered, security incident reporter demand quick responses which is another reason to bypass helpdesk. Anyone to share experiences or advice on this will be appreciated Thanks M.
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Information Security incident management marck e. (Mar 22)