FW: Security and Contingency Planning

[b.hines () comcast net]

In case any one is interested. 

b

-------------- Forwarded Message: -------------- 
From: "Richard Piedrahita" <piedrahr () wchsys org> 
To: <security-basics () securityfocus com> 
Subject: Security and Contingency Planning 
Date: Thu, 22 Dec 2005 03:10:11 +0000 

Hi Everyone: 

I have a hypothetical situation and two questions: 

Hypothetical Situation: 
I have taken all the precautions and spent many, many dollars to 
protect my little business but yesterday, a very bad person breached 
my network defenses and stole some very confidential product, 
customer, and financial information from my little business. But, 
they didn't get it all. I spotted the activity and crashed the entire 
data center before they got some of the key pieces of information. 
Fortunately I had a hot site ready to go so my little business is 
running again and I am taking extra steps to make things even more 
difficult for some one to break into my systems but I know "they" are 
going to come after the rest of the information again (the stuff is 
worth oogles of dollars, O.K. ;-) 

Question 1: 
Besides calling the local constabulary, are there any established 
and/or reputable private businesses out there that can send a sort of 
network tactical investigative team to investigate the incident (do 
the network investigation legwork (audit all the logs, traffic 
analysis, etc.), develop the evidence, deliver the reports, and tell 
me who (maybe not by name) did what, when they did it, how they did 
it, and from where they did it, etc. 

What I need is a cross between the U.S. Marines, Dick Tracy, and Lt. 
Cmdr. Data (Star Trek) that can look at all this and tell me something 
useful in a reasonable amount of time. I don't think the local 
constabulary can handle something like that in a short amount of time 
so I will need serious help for this. 

Question 2: 
Along the same line, does anyone know of any good Public Relations 
firms that could help my little company manage to ensuing maelstrom 
once the public finds out (especially my shareholders, ouch!) that my 
little company lost it's customer's personal information, valuable 
trade secrets, etc.? 

Oh yeah, don't worry about the attorneys; I already have a dozen of 
them paid for in advance for the next decade. 

Any information would be most appreciated. 

Thanks, Rick. 


***** CONFIDENTIALITY NOTICE ***** 
This message contains confidential information and is intended only for 
the individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and 
delete this e-mail from your system. 


--------------------------------------------------------------------------- 
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE 
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus 
----------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/