Planning for Failure, Personal Edition - Strategies to protect yourself in 2012

Rick Holland

This week I did a webcast, Planning for Failure, which makes the assumption that if you haven't been breached, it is inevitable, and you must be able to quickly detect and respond to incidents. An effective response can be the difference between your organization's recovery and future success or irreparable damage. While I was working on the slides for the webcast, I started to reflect back on the 2011 security breaches that personally impacted me. Three breaches immediately came to mind:

  1. Texas Teacher Retirement System - My personal data was stored unencrypted on a public server
  2. Epsilon - Email compromise that resulted in increased phishing attempts
  3. STRATFOR - My personal information, credit card and password hash were stolen

Where Is All The Incident Classification Best Practice?

Stephen Mann

I recently spoke with a Forrester I&O client looking for “incident classification best practice.” I knew that I should have had knowledge of this, or at least access to it, but all I had was a loose set of guiding principles that are probably more “common sense” rather than “best practice.”  I was happy to talk with the client but wanted to know what I had missed.

Google seemed a great place to start. After all, Googling “ITIL” results in 21 million hits (I do appreciate that not all of these will relate to the IT service management best practice framework though). So I Googled “incident classification best practice” (plus “incident categorization best practice”) and was surprised at the results. Well, the LACK of results. There was no freely available advice or guidance on this subject.

The main reason for my surprise is that, with the wealth of IT service management best (or good) practice out there (especially with ITIL espoused as THE framework of IT service management best practice), this is one area where I definitely think that value could be derived by documenting successes and the pitfalls to avoid.

Given that many organizations adopting ITSM best practice, or ITIL, will start with the service desk and incident management, the creation of a robust incident classification hierarchy is something they will need to do. A similar opportunity also arises when organizations switch between competing ITSM products as part of the well-documented ITSM tool churn. For others it is relevant when the realization sinks in that the existing incident classification hierarchy is cumbersome and ineffective. Incident classification is important, so where is the best practice?


2011: An ITIL Versioning Odyssey

Stephen Mann

 

OK, so we all probably now know that the long-awaited ITIL “refresh,” ITIL v3.1 (or the ITIL 2011 Edition as it now seems to be called), is to be released on the 29th July 2011. But four years on from the release of ITIL v3 where are we exactly?

Let’s start with the provided facts about the updated version of ITIL. The ITIL Best Practice Management update points out that this is an “update” not a new version. Paraphrasing the update on the update, ITIL 2011 Edition is designed to:

  • Resolve any errors or inconsistencies.
  • Improve the ITIL publications by addressing issues raised to do with "clarity, consistency, correctness and completeness."
  • Address suggestions for change made by the training community.
  • Review the "Service Strategy" publication to improve accessibility and understanding.