2 min read

UBS Trial Aftermath: Top 10 Tips For A Successful Postmortem

The government's forensics investigator says UBS took an important step when it examined the 2002 attack on its system. Here are some tips on creating your own successful postmortem report.
Once the dust had settled after the March 2002 attack on UBS PaineWebber's network, company managers began taking stock of what happened, and from there, figured out what they could learn from it.

Lessons learned came in the form of a postmortem report that touched on security weaknesses that could be tightened up and processes that could be put into place to fend off another attack. Keith Jones, the government's forensics expert, and director of computer forensics and incident response at Mandiant, an information security company, based in Alexandria, Va., says he was impressed that UBS tackled this kind of evaluation after such a traumatic incident.

But that's exactly the time when an evaluation will do the most good, he points out.

The defense attorneys for Roger Duronio, who was found guilty on Wednesday of launching the attack against UBS, tried to use the postmortem report against the company. Duronio's team pointed to security weaknesses brought up in the report as evidence of a flawed security architecture that could have allowed anyone to perpetrate the crime.

And while any kind of report ultimately could be used against a company in a similar situation, the benefits of doing a postmortem greatly outweigh any drawbacks, says Jones. Here is his Top 10 checklist for conducting a successful postmortem study: