No one can respond quickly to emergencies without a plan -- one that includes the right mix of people, processes and technology. The same principle can be applied to cyberattacks. Defending information systems and networks requires significant attention and resources. The use of those resources will determine how quickly information security managers can respond to cyberthreats.
With this issue, we kick off a three-part security series to help government managers apply the right mix of people and resources to protect their information technology environments.
We begin with a focus on detecting and responding to security incidents. We look at how three private-sector companies handle incident reporting and how their experiences could be helpful to federal officials. We also offer some advice about technologies that can help IT managers report on and respond to security events.
Next week, we'll examine what federal agencies can learn from hackers and the usefulness of penetration services geared to detect system holes and network backdoors that intruders could exploit.
We wrap up the series with a look at security technologies to determine how vendors are updating firewalls and intrusion- detection systems to meet emerging security threats.
By the time you complete the series, we hope you'll be better prepared to respond quickly to all sorts of cyberthreats.