Articles
What do Mirai & IoT botnets mean to the public sector?
5 First Steps to Defending against IoT Driven DDoS Attacks In honor of October’s National Cybersecurity Awareness Month, users of Twitter, Netflix, Reddit and the New York Times were treated to a special treat – and just in time for Halloween. Unfortunately it was more of a trick as users of these a…
Is Your Race to SOC Headed for an Epic Crash?
Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also in…
On or Off the Clock, Staying Cyber Secure is a New Fact of Life
Cybersecurity has always been a major concern for workplace networks. But, increasingly, it is top of mind for home networks as well. Take a quick guess at how many mobile devices are automatically connecting with your home Wi-Fi once…
Cognitive Bias in Incident Response
This blog is co-authored by Jeff Bollinger & Gavin Reid Are You Too Confident in Your Incident Response? When Charles Darwin stated “Ignorance more frequently begets confidence than does knowledge,” civilization’s evolution from Industrial Age to Information Age was nearly a century away…
NetFlow AND PCAP (not or)
As digital transformation sweeps across the world, there is a driving need for more effective logging and data recording for incident response. In today’s IT world, your agency’s Computer Incident Response Team (CIRT) must have the capability to quickly determine the source and scope of an attack on…
Detection in Depth
Defense in depth is a well understood and widely implemented approach that can better secure your organization’s network. It works by placing multiple layers of defense throughout the network to create a series of overlapping and redundant defenses. If one layer fails, there will still be other defe…
Cisco Hosting Amsterdam 2014 FIRST Technical Colloquium
The registration is now open and there is still time left to respond to the call for papers for the upcoming FIRST Technical Colloquium April 7-8, 2014. Please contact us at amsterdam-tc@first.org for speaker engagements. The event already has an exciting preliminary program covering: Savvy Attribu…
Cisco 2014 Annual Security Report: Cybercriminals Applying “Old” Techniques in New Ways
We know that as time goes on, the cybercrime network’s operations will only more closely resemble those of any legitimate, sophisticated business network. And like all enterprising businesspeople, those who are part of the “cybercriminal hierarchy”—which is discussed in the Cisco 2014 Annual Securit…
Security Logging in an Enterprise, Part 2 of 2
This is the second and final part of my series about security logging in an enterprise. We first logged IDS, some syslog from some UNIX hosts, and firewall logs (circa 1999). We went from there to dropping firewall logging as it introduced some overhead and we didn’t have any really good uses for it…