Responding to Incidents
Some cyberattackers penetrate enterprise cyberdefenses no matter how well the defenses are designed, implemented, and maintained. Responding to these incidents (in other words, incident response) and the related costs are facts of life in the modern cyberenvironment. Enterprise endpoints and servers are destined to be compromised. It benefits the enterprise to embrace this reality and simply deal with these compromised systems as quickly and as cheaply as possible. Generally, an enterprise can accept a number of minor cyberincidents provided the incidents are contained before significant damage is done.