August 2001
Intermediate to advanced
240 pages
8h 28m
English
Content preview from Incident ResponseBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Involving the Critical Players
When you have decided on your team’s basic services, and recruited and assembled your team according to the guidelines mentioned earlier in this chapter, it is time to make sure that your concept of “team” extends beyond the individuals who are directly assigned, matrixed, or contracted to the core team. In fact, the actual incident response team should really just be the process and technical experts who lead the charge in response to a security problem. During a crisis event, the concept of a team needs to extend far beyond those boundaries. The overall team, in a macro sense, needs to involve a much larger group of the organization’s employees beyond simply the technical incident response staff.
We were involved in a role playing desktop exercise with a client in which we simulated an incident with a group of the client’s senior management and executive personnel. During the exercise, we stepped through a realistic hypothetical incident involving the theft of large amounts of money from the client. Although the actual incident response team was represented in the room during the incident, it very quickly became obvious to everyone in the room that it would be impossible to have the team run the show during an actual crisis. Some of the most unlikely people in the room rapidly found themselves key figures in the actual handling of the incident, even though they were not members of the incident response team and were never even told what their incident ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.