Wednesday, April 9, 2014

Quote for Portland Business Journal: Heartbleed

I was recently quoted in the Portland Business Journal in an article about the HeartBleed vulnerability.

"The issue in cybersecurity in particular is the defenders have to defend all the points of entry and every line of code and the bad guys just have to find one flaw. When you implement methods to eliminate classes of problems that is helpful, this is a well known type of problem that has been around for a long time." -Isaac Potoczny-Jones

Heartbleed: A great time to think about incident response


Heartbleed is the nickname of a dangerous OpenSSL vulnerability that was just announced. A security update was already available before the announcement, and this is definitely a vulnerability where quickly patching makes a big difference. A fast response matters here because malware wasn’t in the wild yet, so many sites likely can prevent any negative consequences with quick action.

The necessity for rapid response to vulnerabilities illustrates why you should have an incident response procedure in place. An incident response procedure allows for a measured, planned response to a security incident like this one. In this blog post, we’ll walk you through the basics of putting together an incident response plan, mostly based on NIST’s incident response process.