COMPUTER SECURITY INCIDENTS can result in the loss of confidentiality, integrity, or availability of data or services. Attackers will attack. Incidents will happen. However, you can be prepared with computer incident response teams (CIRTs). These teams are trained and have the knowledge and expertise to reduce the damage resulting from attacks. Their actions are guided by a CIRT plan.

The primary purpose of a CIRT plan is to help an organization prepare for incidents and mitigate the damage. The plan identifies members based on their roles and responsibilities. It includes policy statements related to incidents, such as if CIRT members are authorized to attack back. It also ...