Shakespeare once asked “what’s in a name?” Call a rose something else and it would still smell as sweet, he argued.
But over the decades, the answer to his question has often been “quite a lot.”
Some IT staffers, he says, treat IT problems and security incidents the same way. Wrong. Security incidents can bring down an organization. IT problems – an app doesn’t work, Internet access has been cut, PCs are slow – can be fixed. They need to be fixed fast, but there’s no need for panic.
But if corporate secrets are stolen, if there’s been a loss of confidential personal data then someone better light a fire under the pants of the security team.
“The difference between IT issue resolution and security incident response is huge and unambiguous,” writes Churakin.
The bot threat
Some of the most serious threats networks face today are "bots," remotely controlled robotic programs that strike in many different ways and deliver destructive payloads, self propagating to infect more and more systems and eventually forming a "botnet."