Chapter 3

Developing a Computer Security Incident Response Plan

Kevvie Fowler


This chapter will leverage the output of Chapter 2 and guide the reader through developing a tailored CSIR plan for their organization.


Standard Operating Procedures; Management commitment; Incident assessment; Incident classification; Incident severity; Self-Breach detection; Security monitoring; Threat intelligence; Evidence retention; CSIR Plan testing; CSIR Plan metrics


It is ironic that the most time-consuming part ...

Get Data Breach Preparation and Response now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.