Cybersecurity incident response: The 6 steps to success
TechRepublic
Cedric Pernet
Cybersecurity incident response is not only about handling an incident – it’s also about preparing for any possible incident and learning from it. Here are six steps for a successful and efficient cybersecurity incident response.
What is an incident in the world of cybersecurity? NIST provides the following definition: “A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.” Examples of cybersecurity incident are a phishing attempt, a brute-force attack against a service the company runs and a compromise of a server.
What is a CSIRT? What is a CERT?
Most cybersecurity incidents are actually quite easy and straightforward to describe, yet the answer to them is generally very...