back to article Keen to get CRITICAL PAYMENT systems up QUICKLY after HACK?

Restoring payment systems after disruptive cyber attacks could involve compromising analysis of incidents, says report A new report on cyber resilience in financial market infrastructures has highlighted potential conflicts between legal obligations on the reporting of cyber security or data breaches and the need to restore …

  1. TheWeddingPhotographer

    Redundancy

    Well if we all had 2 of everything, we would all have backups.

    If we all had 4 of everything, we would have totally redundant systems ready to swing in when the poo hits the fan.

    Unfortunately (or fortunately, depending on your point of view) infrastructure, programming, staff and the like is generally provided to a managed budget, and risks generally factored in. There is a balance - risk Vs cost. and there is a judgement to be made. Money is an object, we cant escape that.

    When a criminal ransacks say a bricks and mortar shop at 10.00pm generally the glazing firm has to clear up the mess a bit and board the place up, the shop keeper has to come in and appraise the situation and in the morning the staff need to make the place safe. Eventually, the police send the forensic people around to figure out what went on.

    I guess net/ system admins are in the same boat... See a DOS attack, close the port to that IP range.. Find a rogue script - isolate it and kill it off. i.e. they are the first line of defence, and sometimes their work, naturally screws the evidence chain.

    1. Gordon 10
      Coat

      Re: Redundancy

      Pedant alert.

      4 lots of things can actually have a negligible benefit and sometimes actually be outweighed by the costs of managing the additional complexity.

      I suspect you already knew that and were just "for instancing"

  2. Hankie

    @TheWeddingPhotographer Totally agree! We can't wait around for days of forensics to be completed while our business takes no payments.

    Forensics should be able to pick out what was done on the server anyway and I would always advise taking a copy on an external drive of any files that were compromised.

  3. Vociferous

    Do the bad guys EVER get caught?

    Regardless of whether the hack is reversed quickly or not, it seems to me the clearance rate of cybercrime rounds to zero.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like