HealthcareCISO

Cybersecurity incident response is not only about handling an incident – it’s also about preparing for any possible incident and learning from it. Here are six steps for a successful and efficient cybersecurity incident response.

What is an incident in the world of cybersecurity? NIST provides the following definition: “A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.” Examples of cybersecurity incident are a phishing attempt, a brute-force attack against a service the company runs and a compromise of a server.

What is a CSIRT? What is a CERT?

Most cybersecurity incidents are actually quite easy and straightforward to describe, yet the answer to them is generally very...