CPR was designed on the front line of cyber conflict
Like many technologies, CPR was designed on the front line of cyber conflict. In mid-2012, Logically Secure IR staff were working both on-site and remotely, and they needed a solution to efficiently collaborate, plan and support their clients. They found that many of the organisations being attacked were using Microsoft Excel and Outlook for their case management and tracking, a combination that had neither scale nor security as part of its feature set.
We found that while email was almost universally relied upon for information sharing, it had, on occasion, allowed attackers to monitor the security and administration teams’ efforts to remediate the situation.
Our aim was to simplify and secure the sharing of information so that teams could see all the case details and discuss them away from prying eyes.
We wanted a solution where uploaded files were securely stored and that only selected team members could see and review the case data.
The name ‘Cyber CPR’ comes from Crisis Planning Room: a safe place where you go to plan and co-ordinate actions to avert or deal with an event or incident that affects your organisation. The reference to Cardio Pulmonary Resuscitation is intended, as for some organisations that are mid-breach, what we offer is very often emergency support.
We tried several solutions and conducted public Alpha and Beta trials with both as we matured the technology.
Here are some of the internal versions of CPR and an early Alpha release (last screenshot)
Progress was ‘interesting’, as productising a tool we used internally brings challenges in terms of stability, security and scalability. There was many a heated whiteboard session over crucial aspects, like the core database, such was the passion and determination to get key aspects right.
However, throughout this process and at every stage we got great industry feedback on bugs and improvements which we have tried to incorporate where time and security have permitted.
As part of the development process we also patented the concepts and methodology that CyberCPR is built upon (you can read the patent here).
Need to know
One of the core aspects of CyberCPR’s security model is the ‘need to know’: only staff that are added to an incident can see the information relating to that case.
Staff who have not been added cannot search for it, and any links they click to access aspects of the case will be blocked and reported to administrators. See more on the CyberCPR Security page.