Global Security Forum

 View Only
  • 1.  Is your incident response team cloud ready?

    Posted Tue July 20, 2021 02:06 PM
    Gartner estimates that by 2025, 99% of cloud security failures will be the cloud service customers' fault as described in more detail here.

    It has become essential for incident response teams to take their incident response program to the next level and prepare for incidents in cloud environments. However, when talking to organizations, we oftentimes see that there is a gap where incident response teams find themselves lost when it comes to their cloud environments. It can be a blind spot, where it is too late to learn about it during a crisis where time is critical. 

    There are several aspects to consider when building a cloud-ready incident response program. It starts off with understanding the shared responsibility model, establishing internal and external relationships (such as CSPs) as well as escalation procedures. It also includes technical aspects such as gaining visibility and access to your data points. Furthermore, incident handlers need to be trained and response procedures documented. It is essential to understand that there may be differences between traditional response methods and cloud-based responses when it comes to data acquisition and analysis, which also depends on cloud-native security features that an organization may leverage. 

    I am excited to share that IBM X-Force has announced a menu of proactive services to help organizations plan and prepare for incidents in cloud environments that include assessments, planning, and training. IBM X-Force also provides cloud incident investigation and remediation support. 

    For more information about this topic please take a look at our latest blog post: Avoid Blind Spots: Is Your Incident Response Team Cloud Ready?

    You can also Schedule a Consult with One of Our X-Force Experts 

    Thank you,
    Markus Schober
    Incident Response for Cloud Services Lead
    IBM Security X-Force

    Markus Schober

  • 2.  RE: Is your incident response team cloud ready?

    Community Leadership
    Posted Wed July 21, 2021 03:44 PM
    Thanks, @Markus Schober for sharing!

    Wendy Batten
    Community Manager
    IBM Security
    Cambridge MA

  • 3.  RE: Is your incident response team cloud ready?

    Posted Tue December 20, 2022 08:14 AM
    Thanks for sharing this valuable information, it's worth reading. As the rates of cybercrime continue to increase, it's important to understand why and how incident response strategies for cloud-based infrastructures and systems differ from traditional incident management. Checkout this read too, it covers few more important points too as per the following:

    • How Is Incident Response Different in the Cloud?
    • The Steps of the Cloud Incident Handling Process
    • Incident Detection in the Cloud
    • The Importance of Incident Response in the Cloud
    • The Cloud Incident Response Life Cycle
    • Best Practices for Cloud Incident Response
    • What is SOAR?
    • How Is SOAR Different from SIEM?
    • Security Incident Response in AWS Cloud
    • Security Incident Response in Microsoft Azure
    • Security Incident Response in Google Cloud Platform

    (Original Source:

    Barry Hughes