Craig Hoffman raises some valid points about lessons that can be learned following a security incident. Here are just a few of his points:
- Acknowledging that trust but verify is important (e.g., if someone says a network is segmented, check the ACLs and firewall rules to confirm this).
- Knowing that you can have great security tools and generate terabytes of logs, but someone has to review the logs.
- Determining that assumptions about a vendor’s role in maintaining and managing the security of the service it is offering may have been wrong.
Read his full commentary on BakerHostetler Data Privacy Monitor.