Plan for Anything that Could Cause Loss or Damage
The first step in properly responding to a security incident is to prepare. By the time an incident occurs, it is too late to get organized. The preparation step includes building the CSIRT and developing a response plan. Preparing also includes assembling any supplies, software, and hardware your team will need to respond to an incident.
Your organization should invest the resources to develop checklists and complete plans to address the results of each likely incident. It will require substantial effort to plan for every likely incident, but focusing on those that could cause loss or damage will be worthwhile. Many CSIRTs discover existing vulnerabilities while developing response plans. ...
Get Security Strategies in Windows Platforms and Applications, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
