Top 11 Posts on Incident Response, DLP, SOC, SIEM and Information Security from the Exabeam Blog

With 2020 around the corner, we took a look back to see what our readers were reading this year. Here’s the list of the most popular topics and posts from our blog.

Incident response

A security breach can result in significant financial and reputational damage. Having a well-designed plan ready can mitigate long-lasting issues that follow a breach in the event one happens. The following blog posts can serve as a quick yet comprehensive guide as you build your incident response strategy.

• Incident Response Plan 101: How to Build One, Templates and Examples – A solid incident response plan creates a strong foundation you can build on. In this post, we guide you, step by step, through building a business plan, including linking to samples of effective plans from several top universities.
• Incident Response Steps: 6 Tips for Responding to Security Incidents – You put plenty of resources toward preventing a breach, but what should you do if one happens? This blog post outlines six steps to help you develop an incident response plan.
• 10 Best Practices for Creating an Effective Computer Security Incident Response Team (CSIRT) – The key to effectively managing any IT issue is having a winning team in place. This article outlines the steps you can take to ensure you have the right resources in place to capably navigate a security event.

DLP

With your business data being one of its most valuable assets your security procedures should cover data loss prevention (DLP) and keeping sensitive information safe inside your network. These articles cover the risks associated with DLP and show how to create effective data loss prevention policies.

• Data Loss Prevention — Policies, Best Practices, and Evaluating DLP Software – Whether it’s a matter of regulatory compliance or protecting your customers, controlling your data is essential to protecting your business. The tips in this post will help you create an effective policy to prevent data loss in your organization.
• Data Loss Prevention Policy Template – The templates provided by Microsoft Exchange are a good starting point to help you design policies to keep your data safe, but you’ll need to configure them properly before uploading them. This blog post explains what those prerequisites are and walks you through the steps of setting policies to prevent data loss.

SOC

If you’re a small startup or a large corporation, you’ll need to protect your data and systems. The security operations center (SOC) has traditionally referred to a dedicated facility of specialized IT personnel. As more small businesses have emerged, though, SOCs have become much more than as a physical location. These posts offer guidance on how to build and strengthen your security operations.

• Security Operations Center: A Quick Start Guide – What do you need to start your SOC? This useful guide presents best practices on how to determine the team members you need for your business and policies to put in place to protect your organization.
• Security Operations Center Roles and Responsibilities – A SOC relies on the talent and leadership of the organization and the tools they are equipped with. This post on SOC roles and responsibilities describes each professional’s job duties, from the security analyst to the chief information security officer.

SIEM

Protecting your network involves clear security information and event management policies. The posts below can help you learn more about what events need to be monitored and how you can effectively set up your tools to keep your network safe.

• What is UBA, UEBA, & SIEM? Security Management Terms Defined – Security operations terminology can often overlap and be confusing. This blog post breaks down user behavior analytics, user and entity behavior analytics, and security information and event management.
• SIEM Rules or Models for Threat Detection? – Security analysts are responsible for identifying exactly which behaviors signal possible threats. Find out how you can more easily establish models that will help your security software do its job.

Information security

Information security policy and cybersecurity breaches remained a top category of interest for our readers. If you already have a security policy in place or if you’re still building one, these posts can help you get in front of threats as you head into 2020.

• Detecting Suspicious Lateral Movements During a Cybersecurity Breach – One of the most unexpected outcomes of a security breach is the continued damage undetected attackers can cause. This article helps you understand how lateral movement typically works so that you can detect threats faster to better safeguard your systems.
• The 8 Elements of an Information Security Policy – A solid information security policy can help protect your organization from risk. This post offers suggestions on how to create a document that lets end users know what their responsibilities are for protecting your systems.

As your business heads into 2020, our post on cybersecurity predictions for 2020 gives you an advance look on new trends and security insights from security experts. And, if you enjoy reading our articles, don’t forget to subscribe to the Exabeam blog to receive the latest in security.