Chapter 3

Developing a Computer Security Incident Response Plan

Kevvie Fowler

Abstract

This chapter will leverage the output of Chapter 2 and guide the reader through developing a tailored CSIR plan for their organization.

Keywords

Standard Operating Procedures; Management commitment; Incident assessment; Incident classification; Incident severity; Self-Breach detection; Security monitoring; Threat intelligence; Evidence retention; CSIR Plan testing; CSIR Plan metrics

Introduction

It is ironic that the most time-consuming part ...
