Incident Response – Evolution and Current Challenges
As we learned in the previous chapter, Incident Response (IR) is the approach used to manage security incidents in order to reduce the damage to an organization and improve the recovery of affected services or functionalities. IR activities follow a plan, which is the set of directions that outline the response procedures and the roles of different team members. IR has become a necessity for organizations facing rising threat levels, and this chapter discusses its importance.
With the focus of this chapter being the evolution and then the challenges of IR, we'll begin by looking at how IR has evolved with threats and advancements in technology. We'll then look at the challenges that IR teams ...