Do you find counterhacking, forensic and incident analysis being an internal skillset to corporations or an external one? How do you see this changing in the future?
Good question. This depends on the size, structure, and type of business venture. Some organizations prefer to hire outside consultants to come in and give an unbiased analysis. These individuals are not burdened by any preexisting paradigms; however, the cost for these services can be prohibitive, whereas a full-time onsite employee offers the advantages of fast response and internal business knowledge.
I do see these items in a state of change as recent laws, such as those passed in California, place a larger burden on the corporation. These laws require organizations to perform proper due diligence and may allow them to be sued even if they have not been hacked. Their only crime might be that they are vulnerable to attack.
This was first published in January 2004