Purpose of a CIRT Plan

The purpose of a CIRT plan is to help organizations identify and prepare for computer incidents. Security personnel can then identify the best responses to reduce the potential damage.

The purpose of the CIRT plan is similar to the purpose of a disaster recovery plan (DRP). By taking the time to create a plan, critical thinking can be applied to potential problems, the advice of experts can be sought, and the best types of responses can be researched.

However, if a plan is not in place, these benefits are not available to responders when the incident occurs, which leaves them no choice but to use trial-and-error techniques. These impromptu techniques may succeed, but, on the other hand, they may allow the attacker to ...

Get Managing Risk in Information Systems, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.