Another Loss of Customer Trust in Facebook?

And The Rise of the 24x7 Security Operations Centre

The Rise of IDS, SOCs and Incident Response

On Friday morning, I lectured to my students on the power of intrusion detection systems (IDSs), and in how security operations centres (SOCs) are becoming a core part of detecting the early phases of an attack. By the afternoon, my phone started buzzing with news agencies calling about the Facebook hack.

From what I can see, the power of the SOC, and in speedy incident response, came into force, with a relatively fast detection of a major vulnerability, and in the patching of the Facebook infrastructure. The reporting too was fast and, fairly well pitched. While these are no excuses for the poor design, we can, at least, see an improvement in the ways that companies are responding to security incidents.

The ID Token Hack

As GDPR (General Data Protection Regulation) continues its roll-out, the days of companies hiding a hack for a while are gone, and where they must now report within 72 hours. And so, after taking a battering around the Cambridge Analytica scandal, Facebook is back in the news again with another weakness identified in their infrastructure. The words “may” and “could” feature highly in…