Chapter 3

Developing a Computer Security Incident Response Plan

Kevvie Fowler


This chapter will leverage the output of Chapter 2 and guide the reader through developing a tailored CSIR plan for their organization.


Standard Operating Procedures; Management commitment; Incident assessment; Incident classification; Incident severity; Self-Breach detection; Security monitoring; Threat intelligence; Evidence retention; CSIR Plan testing; CSIR Plan metrics


It is ironic that the most time-consuming part ...

Get Data Breach Preparation and Response now with the O’Reilly learning platform.
