Knives and Skin, Jennifer Reeder (2019)

The Cure (Mike Olenick, 2017) https://ift.tt/2NgUPxs

Dad is dying, mom can’t sleep, and Nancy is determined to forget what she saw. Linda relives a past trauma and fears what might happen while she is away from home. Meanwhile, Mark entertains a mysterious stranger, who is secretly conducting a deadly experiment in this sci-fi soap opera. Official Selection of Slamdance Film Festival, Fantastic Fest, Fantasia International Film Festival, Palm Springs ShortFest, Chicago Underground Film Festival, Inside Out, NewFest, Ann Arbor Film Festival, Athens International Film + Video Festival, Nightmares Film Festival, NewFilmmakers Los Angeles, and more! CAST (in order of appearance): Kait Staley Lou Olenick Jennifer Estlin Steve Olenick David Rysdahl Justin Rose Lyindaa (Mrva) Russell CREW: Writer, Director, Producer, Editor, Cinematographer - Mike Olenick Creature SFX - Cave Bear Studios (designed by Nikos Rutkowski, makeup by Miranda Stansbury) Spaceship Design - Todd Finney Additional Miniatures - Mike Olenick Music - A.E. Paterra Sound Recordists - Nigel Coutinho, Cameron Sharp Sound Mixer - Paul Hill Soundtrack: https://vcorecordings.bandcamp.com/album/vco-024-the-cure-ost

Dad is dying, mom can’t sleep, and Nancy is determined to forget what she saw. Linda relives a past trauma and fears what might happen while she is away from home. Meanwhile, Mark entertains a mysterious stranger, who is secretly conducting a deadly experiment in this sci-fi soap opera. Official Selection of Slamdance Film Festival, Fantastic Fest, Fantasia International Film Festival, Palm Springs ShortFest, Chicago Underground Film Festival, Inside Out, NewFest, Ann Arbor Film Festival, Athens International Film + Video Festival, Nightmares Film Festival, NewFilmmakers Los Angeles, and more! CAST (in order of appearance): Kait Staley Lou Olenick Jennifer Estlin Steve Olenick David Rysdahl Justin Rose Lyindaa (Mrva) Russell CREW: Writer, Director, Producer, Editor, Cinematographer - Mike Olenick Creature SFX - Cave Bear Studios (designed by Nikos Rutkowski, makeup by Miranda Stansbury) Spaceship Design - Todd Finney Additional Miniatures - Mike Olenick Music - A.E. Paterra Sound Recordists - Nigel Coutinho, Cameron Sharp Sound Mixer - Paul Hill Soundtrack: http://bit.ly/2XtiXRF

Dad is dying, mom can’t sleep, and Nancy is determined to forget what she saw. Linda relives a past trauma and fears what might happen while she is away from home. Meanwhile, Mark entertains a mysterious stranger, who is secretly conducting a deadly experiment in this sci-fi soap opera. Official Selection of Slamdance Film Festival, Fantastic Fest, Fantasia International Film Festival, Palm Springs ShortFest, Chicago Underground Film Festival, Inside Out, NewFest, Ann Arbor Film Festival, Athens International Film + Video Festival, Nightmares Film Festival, NewFilmmakers Los Angeles, and more! CAST (in order of appearance): Kait Staley Lou Olenick Jennifer Estlin Steve Olenick David Rysdahl Justin Rose Lyindaa (Mrva) Russell CREW: Writer, Director, Producer, Editor, Cinematographer - Mike Olenick Creature SFX - Cave Bear Studios (designed by Nikos Rutkowski, makeup by Miranda Stansbury) Spaceship Design - Todd Finney Additional Miniatures - Mike Olenick Music - A.E. Paterra Sound Recordists - Nigel Coutinho, Cameron Sharp Sound Mixer - Paul Hill Soundtrack: https://ift.tt/2EdNFRm

The Cure (Mike Olenick, 2017) by Mike Olenick

Original Post from SC Magazine Author: Doug Olenick

May 2, 2019

NSS Labs has named Jason Brvenik Chief Executive Officer. Previously, he held the position of chief technology officer since January 2017.  Vikram Phatak, CEO since 2007, will remain active on the Board of Directors and Executive team as Founder

December 4, 2018

(ISC)2 appointed Mary-Jo de Leeuw as director of cybersecurity advocacy for the EMEA region. In this role, de Leeuw will work to encourage corporations, governments, academic institutions and others to collaborate on strong cybersecurity policies, legislation and education throughout EMEA in order to drive recruitment and professional development for the next generation of cybersecurity leaders. Previously, de Leeuw was an associate partner for cybersecurity and innovation at the Dutch consulting firm Revnext.

November 14, 2018

Stuart Itkin was named Exostar’s VP of Product Management, where he will oversee all of Exostar’s strategic and tactical product management and product marketing activities. Previously, Itkin oversaw operations at SAIFE, a software-focused perimeter solution firm.

May 24, 2018

Venafi has named Ben Golub to its board of directors. Golub is currently the executive chairman and interim CEO at Storj Labs and previously he was the CEO of Docker.

April 9, 2018

Fidelis Cybersecurity has tapped Nick Lantuh for the position of president and CEO. Lantuh held previous roles as founder and president of NetWitness and executive chairman of eSentire. Lantuh succeeds interim President and CEO John McCormack, who will return to the chairman of the board role at Fidelis.

April 6, 2018w

U.S. Department of Defense named Dana Deasy its new CIO taking over the position in early May. Deasy previously served as CIO for JP Morgan Chase.

March 27, 2018

Karamba Security made several senior level staff appointments appointing Guy Sagy chief technology officer, Assaf Harel, Karamba Security’s co-founder is now Karamba’s chief scientist and Amir Einav has been named Karamba Security’s vice president of Marketing.

March 15, 2018 

CryptoSecure  reported that John McAfee has joined the company as senior strategic advisor.

March 8, 2018

Endgame reported that Shelley Leibowitz is joining the Endgame Board of Directors. Leibowitz Endgame Advisory Board since 2013. In addition, she also serves on the at E*Trade Financial, where she sits on the Risk Oversight and Governance Committees and she serves on the Board of Directors of AllianceBernstein Holding LP, where she sits on the Audit Committee.

February 27, 2018

Sumo Logic has named Barracuda CEO, BJ Jenkins, to the company’s board of directors as its first independent member.

January 30, 2018

Flashpoint announced that Peter George has been appointed to the company’s Board of Directors. George has previously held leadership roles at Fidelis Cybersecurity, Crossbeam Systems, Nortel Networks, and Bay Networks.

January 23, 2018

The FIDO Alliance announced that Sean Estrada, Amazon’s head of industry security engagement, will join the Alliance’s board of directors effective immediately.

January 17, 2018

(ISC)² today announced its newly elected board of director’s officers: Chairperson: Dr. Kevin Charest, Vice Chairperson: Jennifer Minella, Treasurer: Greg Thompson and Secretary: Wim Remes. The four join the 13-member board which provides governance and oversight for the organization, grants certifications to qualifying candidates, and enforces adherence to the (ISC)² Code of Ethics.

Charest is the chief information security officer for Health Care Service Corporation, Minella serves as vice president of engineering and consulting CISO with Carolina Advanced Digital, Thompson is vice president of global operational risk for Scotiabank and Remes is the founder of and principal consultant at NRJ Security.

January 9, 2018

James Turgal, former executive assistant director for the Federal Bureau of Investigation Information and Technology Branch, has joined Deloitte Risk and Financial Advisory’s Cyber Risk Services practice as managing director, Deloitte & Touche LLP. Turgal will primarily focus on advising clients on cyber incident response, cyber war-gaming and cyber resilience.

December 19, 2017

Exabeam announced that Tim Matthews has joined the company as its chief marketing officer. Previously Matthews was Imperva’s marketing and global brand strategy and previously led marketing efforts at PGP Corporation, Symantec and RSA Security.

December 14, 2017

Cindy Provin appointed Chief Executive Officer, Thales eSecurity has named Cindy Proven CEO effective January 1, 2018. Previously, Provin held the positions of president and chief strategy and marketing officer for the company. She will be based in San Jose, California joining the 150 employees at its U.S. headquarters.Pwnie Express named Todd DeSisto as the company’s new CEO. DeSisto has been a member of the company’s board of directors since 2016 and previously held the position of president & CEO of Axeda Corp.

November 29, 2017

Jim Skidmore was named Chief Revenue Officer/Head of Sales at AppGuard. His duties will include managing and expanding the company’s sales team with a primary focus on the end-point management market. Prior to this move, Skidmore was vice president of sales, marketing and business development for Blue Bay Technologies.

Bricata reported two new additions with Phil Salopek joining as CFO and Orville Pike coming on board as vice president of engineering. Salopek, most recently, was co-founder and chairman of Illumineto, while Pike moves over from Koolspan where he held the same position.

November 28, 2017

Shelley Westman was named a Principle/Partner in EY’s advisory practice with a focus on cybersecurity.  Shelley is the demand leader for the Southeast region and will be working with clients across the region in all areas of cybersecurity. Previously, Westman was senior vice president for alliances & security services at Protegrity. Westman is an advocate for boosting the number of women in the cybersecurity sector by founding“WISE” – Women in Security Excelling, a group devoted to advancing women in security.

October 3, 2017

Brendan O’Connor has been named ServiceNow’s first Security CTO effective immediately. Previously O’Connor spent 10 years at Salesforce where he led Salesforce’s global information security organization as CSO.

September 19, 2017

Mark Weatherford was named to Indegy’s advisory board. Weatherford currently serves as senior vice president and chief cybersecurity strategist vArmour. Previously, Weatherford served as deputy unde rsecretary for cybersecurity at the Department of Homeland.

September 14, 2017

AppGuard announced Jon Loew will take over as the company’s CEO and chief marketing officer effective September 14, as well as, being appointed to the company’s board of directors. Loew previously served as CEO for KeepTree, which was just acquired by AppGuard.

The U.S. Department of Commerce and the European Commission have selected Peter Guffin, the head of Pierce Atwood’s Privacy & Data Security practice, to serve as one of 16 arbitrators in the EU-U.S. Privacy Shield arbitration program. As an arbitrator, Guffin, who currently guides clients through compliance with state, federal and international privacy and data protection laws and regulations, is charged with resolving privacy disputes between EU citizens and U.S. organizations and will help shape international privacy law and cross-border data transfer mechanisms. Guffin is the professor of practice and co-director of the University of Maine School of Law’s Information Privacy Law Program.

September 11, 2017

Former U.S. Government Chief Information Officer Tony Scot will join Squire Patton Boggs as their Senior Data Privacy and Cybersecurity Advisor. Scott has also served as Chief Information Officer at VMware, Microsoft Corporation, The Walt Disney Company, respectively, and as and Chief Technology Officer of Information Systems and Services at General Motors Corporation.

September 11, 2017

Cheryl Davis, former director for cybersecurity policy at the U.S. National Security Council and principal director of cyber policy at the U.S. Department of Homeland Security, has joined FTI Consulting’s cross-segment cybersecurity team as a managing director in its Technology segment.

September 7, 2017

Former FireEye CEO Dave DeWalt (left)and Retired General David Patraeus (right) have been named to Optiv Security board of directors. DeWalt, who also is the former CEO at McAfee, will serve as vice chairman.Petraeus, chairman of the KKR Global Institute, is the former director of the CIA.

Mike Potts will take over as Webroot CEO effective September 25. Potts was also named to the company’s board of directors. He will succeed Dick Williams who is retiring as CEO but will remain on the board. Potts previously worked at Cisco where he helped integrate his former company, Lancope after it was purchased by Cisco.

The post Cybersecurity executive changes appeared first on SC Media.

#gallery-0-6 { margin: auto; } #gallery-0-6 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-6 img { border: 2px solid #cfcfcf; } #gallery-0-6 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: Doug Olenick Cybersecurity executive changes Original Post from SC Magazine Author: Doug Olenick May 2, 2019 NSS Labs has named Jason Brvenik…

Blood Below the Skin from Jennifer Reeder on Vimeo.

BLOOD BELOW THE SKIN 30 minutes, HD, 2015

This short narrative chronicles a week in the lives of three teenage girls, from different social circles, who form a bond in the week leading up to the school dance. Countdown to prom night is actually countdown to irreversible change for each girl. Two of the girls are falling in love with each other against all expectations and the third girl is forced to mother her own mother in the wake of her father’s disappearance. Each girl seeks comfort within the walls of her bedroom where the music blasting from the turntable provides a magical synchronicity between them all. The title refers to the secrets that girls and women keep just below their surface.

Writer and Director: Jennifer Reeder Producer: Steven Hudosh Editor: Mike Olenick Director of Photography: Christopher Rejano Associate Producer: Penelope Bartlett Score: Jenne Lennon Sound: Paul Dickinson Sound Assistant/Boom: Jason Culver Production Coordinator: Afra Siddiqui Digital Transfer/Edit Assistant: Martin Hernandez Rosas

Cast: Darby: Kelsy Ashby-Middleton Joni: Morgan Reesh Joan: Marissa Castillo Annette: Jennifer Estlin Chuck: Connor Golden Mr. Saxophone: TJ Jagodowsky Joan’s Mother: Megan Johns

Additional music: Aesop Rock, Arms and Sleepers, Stars of the Lid, Joan Jett

Support Provided by: Wexner Center for the Arts Studio Program, Sarah Jacobson Film Grant, Indiana Arts Commission, Kickstarter Campaign

recent press:

--festivalists.com/post/118625519101/thejenniferreeder --cinema.arte.tv/de/artikel/portraet-jennifer-reeder

Jennifer Reeder thejenniferreeder.com [email protected]

Jennifer Reeder is a filmmaker and visual artist from Ohio. She constructs personal stories about relationships, trauma and coping. Her award-winning narratives are unconventional and borrow from a range of forms including after school specials, amateur music videos and magical realism.

Some actual additional influences: Swimming pools, Flannery O’Connor, personalized license plates, suicide, felatio, North Carolina, volcanoes, house plants, clouds, monsters, boredom, ELO, temps, happy hour, airplanes, airplane crashes, Maria Callas, mistaken identity, permanent make-up, hot tubs, group therapy, NASCAR, sexual side effects, Appalachia, nausea, drowning, miniature horses, knowing, not knowing, deer, ice fishing, steam, front closing bra, fore skin, electricity, Vito Acconci, snow shoe rabbit tracks, hearing aids, telepathy, artificial grass, secrets, sundown and breaking up.

OFFICIAL SELECTION:

Berlin Film Festival Glasgow Short Film Festival Chicago Underground Film Festival Ann Arbor Film Festival Florida Film Festival Wisconsin Film Festival Short Film Festival Hamburg EMAF, Osnabruck FrauenfilmFestival Koln-Dortmund Kurzfilmtage Oberhausen Melbourne Film Festival

RECENT PRESS

• theskinny.co.uk/festivals/uk-festivals/film/five-of-the-best-from-glasgow-short-film-festival-2015

• crackmagazine.net/art/lsff-jennifer-reeder-valley-girls-the-teenage-girl-aesthetic/

• dazeddigital.com/artsandculture/article/23292/1/the-female-directors-on-top-of-their-game

• news.nationalpost.com/2015/03/02/everything-is-as-bad-as-possible-exploring-dystopic-spaces-at-the-berlinale/

* SHUVIT, 2017 trt: 5:58 Writer/Director/Producer: Jennifer Reeder Executive Producers: Mike Ambs, Erica Hampton, Akra Ray, Rob Maigret Based on the short story "Summer of Bones" by Rob Maigret http://bit.ly/2C8sBKv Director of Photography: Christopher Rejano Editor: Mike Olenick Sound Recording: Jason Culver Sound Mix: Paul Hill 1st AC: Matt Miele 2nd AC: Martin Hernandez Rosas DIT: Camile Casmier PA: Peng Liu Title: Steven Hudosh Archival Footage: Christopher Rejano Music: Arms and Sleepers Gear: Arri Alexa, Daufenbach, Chicago, IL The man (father): Jimmy Pennington The boy (son): Levi Huffman Skater boys: Evren Arica Christopher Coleman Evan Gibson Luis Hernandez Tommy Langsford Casey Lessentine Joaquin Montero Chris Pyter Bishop Remis Ron Stevens Rayshawn Stevens Ryan Stevens Larry Thompson Philp Urban Read the story on Popularium: http://bit.ly/2C8sBKv Support provided by: http://bit.ly/2Ee0cZj contact: [email protected] *This is a Vimeo staff pick video added automatically. So I might be interested.

Tattoos in Commercial Advertising, Movies, & more...

Tattoos in Commercial Advertising

In 1998, Rasheed Wallace, a former NBA player for the Portland Trail Blazers approached tattoo artist Mathew Reed of TigerLilly Tattoo and DesignWorks to request an Egyptian-themed family tattoo design. Reed researched the idea and came up with a design of a king and queen with their three children and a stylized sun in the background on his right arm, now known as the ‘Egyptian Family Pencil Drawing.’ The tattoo cost $450, but Reed expected to benefit from the exposure. Before incising the tattoo, Reed failed to transfer ownership of the artwork or rights in the tattoo design to Wallace.

In 2005, Nike released a commercial developed by Wieden & Kennedy, an ad agency, which focused on Reed’s rendering of Wallace’s tattoo. The thirty-second commercial, narrated by Wallace re-created the tattoo from a computer-simulated image. Reed filed an application to register copyrights relating to the tattoo and subsequently brought a lawsuit for copyright infringement against Nike, Wieden & Kennedy, and Rasheed Wallace in the U.S. District Court of Oregon. The parties settled for a confidential amount before trial. This case is a prime example of what happens when tattoo ownership is not properly transferred from the tattoo artist.

Tattoos as featured in Movies 

Mike Tyson, former professional boxer, has a unique facial tribal tattoo designed by tattoo artist, Victor Whitmill. The tribal tattoo was featured as a joke in the 2011 blockbuster film, “The Hangover II,” the sequel to 2009 film, “The Hangover.” The movie poster displayed Ed Helm’s character donning a replica of Mike Tyson’s facial tattoo. Mike Tyson signed a release acknowledging Whitmill’s ownership of the tattoo artwork and copyright to the Tyson tattoo. One week before the release of the sequel in April 2011, Mr. Whitmill sued Warner Brothers Studios for copyright infringement.

Judge Catherine D. Perry presided over the Whitmill case and addressed the merits of the case on the record: “I think Plaintiff has a strong likelihood of prevailing on the merits for copyright infringement.” Judge Perry criticized Warner Brothers' various defenses to the copyright infringement claim, including the argument that tattoos were not copyrightable subject matter. “Most of the defendant's arguments against [copyright infringement] are just silly. Of course tattoos can be copyrighted. I don't think there is any reasonable dispute about that.” Based on the context of Judge Perry’s statements, it is likely that tattoos are widely believed to be copyrightable as applied to all stages of the tattoo process. Even though Mr. Whitmill did own the copyright to the Tyson tattoo, based on the facts of the case, it is likely that he could have obtained damages if the case had gone to trial. Therefore, the tattoo is indeed protectable and gives the copyright owner the exclusive right to make copies and derivative works of the tattoo artwork.

There is a tension that has yet to be resolved regarding the copyrightability of tattoos. As the profit potential of publicizing those who have tattoos inevitably will increase over time, it is clear that this issue must be resolved in court and not through settlement so that there is precedent for the future. The reality is that the Solid Oak Sketches versus 2K Games litigation opens the door to claims by future tattoo artists because no court has addressed the issue of tattoo copyrightability. While there have been efforts by scholars and students to create a means to recommend and cultivate potential solutions, there is no current finite resolution. It appears that without precedent these cases will continue to settle, or worse, standard that is vague and haphazardly interpreted depending on the case at hand.

Despite the irresolution of the tension, there are some aspects to this issue that can be decided upon. It is clear that tattoo artists should file copyright registrations sooner than later and even consider filing an application for registration on the prepared artwork. Copyright agreements that address the transfer and retention of the owner’s rights is the most effective solution for both recipients and artists. In addition, the NBA Players Association Union must address the scope of tattoo licensing agreements to avoid future litigation. Celebrities, both athletes and actors alike, should also seek to become informed of the legal rights to their tattoos. Athletes are already starting to realize the money value of the real estate on his or her skin, and thus it is possible that tattoo acquiring may be conducted as a business opportunity, which is something the law is not currently prepared for.

 Here are a couple of links relating to video game tattoos...Sometimes, the games inspire people to get new tattoos also!

http://www.gamesradar.com/100-best-video-game-tattoos/

https://www.youtube.com/watch?v=YgF7bx1oPtQ

http://www.nba.com/video/channels/nba_tv/2016/04/02/20160401-starters-tattoos.nba#/

https://www.youtube.com/watch?v=pVDJmmH6a0Y

https://www.youtube.com/watch?v=d5S9c11vxlE

Sources

Roger Groves, Who Owns The Tattoos of LeBron James and Kobe Bryant? Not Who You Think. FORBES http://www.forbes.com/sites/rogergroves/2016/02/08/who-owns-the-tattoos-of-lebron-james-and-kobe-bryant-not-who-you-think/2/#6c5837e871fe.

Aaron Gordon, Who Owns Tattoos?, (2016) (https://sports.vice.com/en_us/article/who-owns-tattoos).

Associated Press, Artist sues Wallace over use of tattoo (2005) (http://www.espn.com/espn/sportsbusiness/news/story?id=1992812).

Steven Olenick, Own that ink: Tattoo copyrights matter for athletes, sponsors (2012). (http://m.sportsbusinessdaily.com/Journal/Issues/2012/09/24/Opinion/From-the-Field-of-Sports-Law.aspx).

Rasheed Wallace NBA Finals Nike Commercial, YOUTUBE (June 26, 2010), http://www.youtube.com/watch?v=RqmRu34PXrU.

Associated Press, Artist sues Wallace over use of tattoo (2005) (http://www.espn.com/espn/sportsbusiness/news/story?id=1992812).

Noam Cohen, On Tyson’s Face, It’s Art. On Film, a Legal Issue. (2011) (http://www.nytimes.com/2011/05/21/business/media/21tattoo.html).

John Cook, Tattoo Artist Who Owns Mike Tyson's Face Sues Hangover Studio for Copyright Infringement (2011) (http://gawker.com/5797178/tattoo-artist-who-owns-mike-tysons-face-sues-hangover-studio-for-copyright-infringement).

Noam Cohen, On Tyson’s Face, It’s Art. On Film, a Legal Issue. (2011) (http://www.nytimes.com/2011/05/21/business/media/21tattoo.html)

RED LUCK IS HERE!

In honor of Friday the 13th, I've unleashed RED LUCK! You have until June 13th the watch it! Tell your friends and your enemies! https://vimeo.com/77988549

SHUVIT, 2017 trt: 5:58 Writer/Director/Producer: Jennifer Reeder Executive Producers: Mike Ambs, Erica Hampton, Akra Ray, Rob Maigret Based on the short story "Summer of Bones" by Rob Maigret http://bit.ly/2EwZwhg Director of Photography: Christopher Rejano Editor: Mike Olenick Sound Recording: Jason Culver Sound Mix: Paul Hill 1st AC: Matt Miele 2nd AC: Martin Hernandez Rosas DIT: Camile Casmier PA: Peng Liu Title: Steven Hudosh Archival Footage: Christopher Rejano Music: Arms and Sleepers Gear: Arri Alexa, Daufenbach, Chicago, IL The man (father): Jimmy Pennington The boy (son): Levi Huffman Skater boys: Evren Arica Christopher Coleman Evan Gibson Luis Hernandez Tommy Langsford Casey Lessentine Joaquin Montero Chris Pyter Bishop Remis Ron Stevens Rayshawn Stevens Ryan Stevens Larry Thompson Philp Urban Read the story on Popularium: http://bit.ly/2EwZwhg Support provided by: http://bit.ly/2sjMjn1 contact: [email protected]

Cool Supercut: Heston of the Apes

Cool Supercut: Heston of the Apes

Heston of the Apes examines the vocal performance of Charlton Heston in the sci-fi classic Planet of the Apes by editing the film down to only the moments when he speaks. (more…)

View On WordPress

Original Post from SC Magazine Author: Doug Olenick

Security is broad. That is evident in, for example, the Security Rule within the Health Insurance Portability and Accountability Act, a central compliance concern for any organization handling the health data of U.S. citizens. That rule specifies the need for three types of protections, which it calls technical, administrative, and physical safeguards.

Related to data best practices, that tripartite line of defense applies to all organizations, not just ones that are in highly regulated industries – so you need a privacy-concerned administrative processes, real technical protection for data environments, and legitimate physical protections of all systems that handle data and any paper records. Core to administrative protections for an organization is the incident response plan since that is your way to be prepared for anything that may arise with a step-by-step procedure to be followed.

Upgrading your IR plan for 2019 and beyond

You probably already have an incident response plan. You can certainly benefit from optimizing it if you have not done so lately. Here is some advice on getting started with an IR plan and improving its contents to account for an increasingly threatening digital landscape. After all, on January 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), a division of the U.S. Department of Homeland Security (DHS) released Emergency Directive 19-01, “Mitigate DNS Infrastructure Tampering.” Various executive branch agencies had reported to the DHS that they had been targeted with DNS hijacking attacks.

That is just one situation; compromises occur too often, and the correct first actions are not always taken. In such a hostile data security climate, it can be a strong move to make improvements to your incident response plan. Six key steps to improving your IR posture follow, in no particular order.

Step 1. Actually write a plan.

The first step to improving your plan is making sure it is not just in your head but on paper, and in sufficient detail to avoid confusion if an emergency does occur. However, you actually do want to be careful with overdoing detail – since it can become difficult to respond to a specific situation with a set of cookie-cutter steps that may not completely apply. By testing, you can improve your IR plan over time so that you get granular enough without handcuffing the people trying to respond once the plan is active. Make sure that your plan defines incidents, gives escalation information related to more extreme scenarios, lists the chief stakeholders in the response, and states specific people who are ultimately the accountable people for incident response. These procedures and information are provided as high-level response actions for each of various common situations (such as email phishing).

Step 2. List your key systems.

List your mission-critical data and systems. You want to know where the baby is, in a way, when an incident occurs. Knowing where your most critical and “precious” data is immediately is achieved by constructing a list of mission-critical data systems with locations. You can build your defenses around those systems and know they are your first points of action. It is very important that this list is regularly updated alongside the IR plan, as indicated by a Notre Dame professor of IT, operations and analytics, Mike Chapple, MCDBA, CISA, CISSP. “Security pros should take the time to validate this asset list and determine whether the organization’s current business environment warrants adding or removing items from the inventory,” said Prof. Chapple.

Step 3. Figure out how you will do damage control.

Prevention is about avoiding security events entirely. When an incident occurs, you are concerned with 100% mitigation but also with containment. Be reasonable and contain if necessary while you work at full expulsion and, eventually, recovery. Think in terms of what you can do right away to keep the problem from worsening. Containment means keeping the number of impacted systems and users as low as possible.

Step 4. Expand the way that you test your IR plan.

You can reveal what is weak in your plan by testing it rigorously and seeing where your strategy is insufficient (which could be as simple as delayed communication). Testing should be robust and multi-faceted. There are different ways to test, and improving your approach means going beyond the out-of-the-box approach: simple penetration and red team testing. Make your strategy more sophisticated by widening it to go beyond the emphasis on technology and process to your people by including social engineering. Additionally, widen the umbrella of systems by encompassing your branches, web apps, mobile devices, and Wi-Fi networks. You can even improve your IR testing by having the red teamers compromise the weaknesses they discover instead of simply finding and reporting them (although obviously within strictly defined parameters).

Step 5. Work with management.

As indicated by Joan Goodchild in Security Boulevard, the legal department and your C-level management should be part of the IR plan and also clued in on test results. It is simply not worth it to have poor practices that you are failing to fix, even if it is awkward to talk about it when things go wrong. Keep the top leadership aware of everything you discover so they can adjust as necessary.

Step 6. Set up incident response on retainer.

One decision that most organizations make is to involve, at some level, outside organizations to help them implement their IR plan or be prepared to help launch it in the event of an attack. Having IR expertise on retainer may sound excessive; however, Prof. Chapple noted that it can be a good idea so everything is in place. You may be large enough that you want someone internal who is in charge of incident response; however, that person typically needs help. “Responding to a security incident requires skill and expertise in the discipline of incident response as well as in the specific technical domains impacted by the incident,” noted Prof. Chapple.

Help shouldering the burden of IR

While all the above steps are important, you may find the last one is the first step, since it will give you further guidance to work with an expert. Do you have an incident response firm on retainer? When you are attacked or when a system fails, time is of the essence. Partner for ongoing protection.

Nathan Little, VP of Digital Forensics and Incident Response, Gillware Data Recovery

The post When’s the last time you looked at your incident response plan? appeared first on SC Media.

#gallery-0-6 { margin: auto; } #gallery-0-6 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-6 img { border: 2px solid #cfcfcf; } #gallery-0-6 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: Doug Olenick When’s the last time you looked at your incident response plan? Original Post from SC Magazine Author: Doug Olenick Security is broad. That is evident in, for example, the…

The OHIO PREMIERE of RED LUCK today the Drexel Theater in Shock Around the Clock! 24 hours of movies starts at noon, RED LUCK screens at 4:10pm.