Security Policies and Implementation Issues, 3rd Edition by Robert Johnson, Chuck Easttom

The classification of incidents is part of the incident response policy. The classification approach can be documented as an incident response policy or a standard. In the case of a security breach, that naturally means some vulnerability in your systems or security has been exploited. By classifying the incident, you can better understand the threat and the weakness. Knowing the type of attack can help you determine how to respond to stop the damage. It can also help you analyze the control weaknesses in your environment. This helps reduce the risk of future attacks. There’s no one standard approach to follow in classifying incidents; however, an industry often adopts similar approaches among companies. The key point ...