Earlier this year, the company I work for as a software developer suffered a security incident. What followed was a very unique few months that I’l...
For further actions, you may consider blocking this person and/or reporting abuse
Amazing post, Chris! There should really be more of these kinds of posts out there. Security incidents are just one of those events everyone has to go through, but no one ever talks about, which makes everyone less prepared to tackle them when they have to go through it. (That previous sentence was a mouthful!) I'm glad you shared your story. At least now I could say that I am better informed and prepared for the inevitable.
P.S. Great job on redacting sensitive information. You definitely made it an effort to hide the personal details.
Thanks, it's great to hear that this was useful to you :)
Excellent write up of the experience from inside, thanks Chris!
The follow-on impact on morale and behaviour, and social effects are rarely considered in incident response plans - thanks for highlighting them, I think I need to take your learning back to my new CIO :)
Thanks Phil!
Thank you, Chris - super informative, really interesting to think about recovery and "getting back to normal." This must have been a stressful experience for you - I appreciate that you took the time to create such an excellent write-up!
I think this fits right in with challenges placed on the testing team. Many production issues can go through the same events, they just have different time frames with a localized scope.
I'm working on a good post on QA, but security is a hard one to fit in to test, obviously depending on the organization structure and risk. Testers may not get blamed but if you have them it can be the first place looked at to add additional steps to catch such things.
Great read, thanks for sharing this experience!