© Eric C. Thompson 2018
Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_3

3. Incident Response Frameworks

Eric C. Thompson1 
(1)
Lisle, Illinois, USA
 

Initiating the construction or assessment of the incident response program requires a blueprint. Leveraging leading practices lessons learned from others shortens the incident response learning curve. The National Institute of Standards and Technology (NIST) publishes many documents available for cybersecurity practitioners, specifically, the NIST (SP) 800-61 Computer Security Incident Handling Guide. The guidance in this document addresses the incident response elements required to build a plan and team. This approach removes the guesswork and prevents the program ...

Get Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.