Learning From A Year of Security Breaches

148

This year (2016) I accepted as much incident response work as I could. I spent about 300 hours responding to security incidents and data breaches this year as a consultant or volunteer.

This included hands on work with an in-progress breach, or coordinating a response with victim engineering teams and incident responders.

These lessons come from my consolidated notes of those incidents. I mostly work with tech companies, though not exclusively, and you’ll see a bias in these lessons as a result.

Read more at Starting Up Security