System Hardening and Network Risk Management

This week’s readings brought the course to a strong close, focusing on some of the most practical and operational aspects of the cybersecurity analyst role. Chapter 19’s coverage of incident recovery and post-incident activities reinforced the importance of not just responding to security events, but also documenting lessons learned, updating policies, and refining playbooks to prevent similar incidents in the future. Chapter 20’s discussion on communication and reporting emphasized how essential clear, concise, and audience-tailored reporting is for decision-making at all levels. Finally, Chapter 21 tied everything together with review and certification preparation, providing a roadmap for applying the knowledge gained in real-world scenarios and exam contexts. One my key takeaways from these chapters is the need for a balance between technical skill and soft skills. Being able to investigate, mitigate, and document an incident is valuable, but the ability to communicate those findin...

  Planning for the Inevitable: The Importance of Incident Response One of the key insights I gained from this week’s readings is the critical role of incident response (IR) in maintaining an organization’s cybersecurity posture. While organizations invest heavily in preventative security controls, the reality is that breaches are often a matter of when , not if . That’s where a well-structured Incident Response Plan (IRP) comes into play. A solid IRP does more than just react to incidents it guides teams through predefined steps that limit damage, ensure quick recovery, and reduce overall costs. This approach is proactive rather than reactive. One key takeaway is the importance of having a Computer Security Incident Response Team (CSIRT) composed not just of IT and security professionals, but also legal, HR, and PR representatives when applicable. This ensures all aspects of an incident technical, legal, and reputational are managed correctly. Chapters 16 and 17 in parti...