Chapter 9: Creating Incident Response Plans and Playbooks
When a cybersecurity incident occurs, not all organizations are prepared to deal with it, especially small and medium-sized ones. For organizations, the creation of incident response plans (IRPs) and playbooks is essential because they describe how an organization is prepared when identifying a security breach.
Responding to cybersecurity incidents is not just about acquiring and implementing technology or following IR guides; you need to start from a baseline that considers the organization's level of maturity and aligns the IR program with the requirements and vision of the business.
A comprehensive IR program should include a policy, a plan, and playbooks of different incident types. ...
Get Incident Response with Threat Intelligence now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.