Cybersecurity Incident Response: Three Lessons from Uber’s Story
December 15, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire
The recent news regarding the Uber breach has captured the attention of both the public and legislators. It seems that Uber’s security team discovered a breach, paid a ransom, and didn’t report the matter to company leaders, law enforcement, personnel, or customers.
Ransomware Response: To Pay or Not to pay
April 17, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire
Recently, I was speaking with a CISO friend of mine and he mentioned that his company suffered a breach. I asked if it was a ransomware attack, and sadly, that was the case. Malware had infected nearly every connected computer. Clearly there was a breakdown in protective controls, but I’ll get to that in another post. Digging deeper, I inquired if the amount was under $2,000. Another “yes”. Reported to the FBI….” yes” again!