Incident Management

This chapter discusses where and how a public key infrastructure compromise might occur and the steps necessary to prepare for such an incident. Incident management includes preparing a PKI incident response plan and executing the plan in the event of a breach. Thus far in this book, we have alluded to security incidents in a variety of ways:

  • Chapter 2, “Cryptography Basics,” identified key compromise as a type of incident.
  • Chapter 4, “PKI Management and Security,” addressed incidents in the certificate policy and certificate practice statement.
  • Chapter 5, “PKI Roles and Responsibilities,” discussed incidents and separation of duties.
  • Chapter 6, “Security Considerations,” mentioned incidents relating to physical and logical ...

Get Security without Obscurity now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.