O'Reilly logo

Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents by Eric C. Thompson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

© Eric C. Thompson 2018
Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_2

2. Necessary Prerequisites

Eric C. Thompson1 
(1)
Lisle, Illinois, USA
 
Prior to building the incident response program, specific capabilities must exist. At a minimum, these should include adoption of a chosen framework; an understanding of the assets the entity must focus on protecting; documentation of the risks to the confidentiality, integrity, and availability of the assets; and assurance that all fundamental protective capabilities exist. Examples of these capabilities include:
  • Access-control processes and restriction of elevated privileges

  • Protection from misuse of data in motion, in use, and at rest

  • Hardening of hardware, based on ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required