© Eric C. Thompson 2018
Eric C. ThompsonCybersecurity Incident Responsehttps://doi.org/10.1007/978-1-4842-3870-7_5

5. The Incident Response Strategy

Eric C. Thompson1 
Lisle, Illinois, USA

The incident response plan forms the blueprint and strategy for responding to events and incidents. It contains the purpose, scope, definitions and elements of incident response. Roles and responsibilities, definitions and escalation steps are common elements addressed in the incident response plan. The purpose presents the team with the “why” behind the plan. Why does the cybersecurity team care about planning for events and incidents? And why will time and money be invested in improving the entity’s ability to successfully respond to incidents? The scope ...

Get Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.