Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
"If you've got an incident response program that's been around for years, then it's probably based on reaction. And reaction is always going to be part of incident response, but it shouldn't be the only part," Timmerman says. "It shouldn't even necessarily be the most important part, and that's where the proactive stance comes in."
Download this interview transcript about incident response to learn more about:
- Why reactive and proactive approaches are both needed;
- How this dual strategy helped Rsam in the immediate aftermath of WannaCry and Petya;
- How Rsam helps its customers achieve the right incident response blend.