© Eric C. Thompson 2018
Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_10

10. Continuous Monitoring of Incident Response Program

Eric C. Thompson1 
(1)
Lisle, Illinois, USA
 

An important characteristic of program maturity is continuous monitoring by management. This means leaders of the program establish performance indicators, aligned with management’s expectations, and these indicators are reviewed regularly. In the Program Review for Information Security Assurance (PRISMA), these actions are captured in the measured and managed categories. Metrics are developed, and management reviews performance of the program, to confirm that it meets the organization’s needs. The National Institute for Standards and Technology ...

Get Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.