Breach Response: What Not to DoBrian Laing of AhnLab on Breach Response Do's and Don'ts
The decision seemed to make sense. An organization had suffered a breach, and upon discovering the intrusion, security leaders spent the next three months cleaning their systems and devices of any sign of infection. Yet, within two weeks, they were breached again.
"They never bothered to figure out where the breach came in; they just cleaned all the machines," says Laing, VP of marketing for Korea-based AhnLab. "It turns out they had a thermostat control that had an IP stack on it. That was actually infected."
The lesson is: Don't just respond to breaches; understand completely where and how they occur.
In an interview with Information Security Media Group at the Gartner Security & Risk Management Summit 2013, Laing discusses:
- Biggest mistakes breached entities make;
- What organizations should do when breached;
- What's most misunderstood about advanced persistent threat.
Laing is vice president of marketing at Korea-based AhnLab Inc., which develops security solutions and provides professional services that are designed to secure and protect information.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.