Despite the best efforts of an organisation, incidents can and will still happen. When they do happen, we must manage them well and do all we can to learn from them and ensure that they never happen again. There really should be no excuse for the same incident, or same type of incident, happening more than once. In the immediate aftermath of a security incident the mood will be sombre, that ‘sick to your stomach’ feeling associated with failure will be omnipresent for the people involved, and a lot of reflection and consideration of ‘what ifs’ will be occurring. Through the negativity, however, there is usually a renewed focus on security, and a momentum that should be harvested for maximum impact. Following a security ...

Get Hands-on Incident Response and Digital Forensics now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.