The first step to building this capability is the decision by senior leadership that the risk to the organization is too significant not to address the possibility of a potential security incident. Once that point is reached, a senior member of the organization will serve as a project sponsor and craft the incident response charter. This charter outlines key elements that will drive the creation of a Computer Security Incident Response Team (CSIRT).
The incident response charter
While there are a good deal of titles for incident response teams, the term Computer Emergency Response Team (CERT) is often associated with the US-CERT through the United States Department of Homeland Security or the Computer Emergency Response Team Coordination ...
Get Digital Forensics and Incident Response now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.