© Eric C. Thompson 2018
Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_2

2. Necessary Prerequisites

Eric C. Thompson1 
(1)
Lisle, Illinois, USA
 
Prior to building the incident response program, specific capabilities must exist. At a minimum, these should include adoption of a chosen framework; an understanding of the assets the entity must focus on protecting; documentation of the risks to the confidentiality, integrity, and availability of the assets; and assurance that all fundamental protective capabilities exist. Examples of these capabilities include:
  • Access-control processes and restriction of elevated privileges

  • Protection from misuse of data in motion, in use, and at rest

  • Hardening of hardware, based on ...

Get Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.