© Eric C. Thompson 2018Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_2
2. Necessary Prerequisites
Prior to building the incident response program, specific capabilities must exist. At a minimum, these should include adoption of a chosen framework; an understanding of the assets the entity must focus on protecting; documentation of the risks to the confidentiality, integrity, and availability of the assets; and assurance that all fundamental protective capabilities exist. Examples of these capabilities include:
Access-control processes and restriction of elevated privileges
Protection from misuse of data in motion, in use, and at rest
Hardening of hardware, based on ...