Cybersecurity incident response: The 6 steps to success

2022-02-05 19:13

What is an incident in the world of cybersecurity? NIST provides the following definition: "A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices." Examples of cybersecurity incident are a phishing attempt, a brute-force attack against a service the company runs and a compromise of a server.

These teams also vary a lot in their staffing, the smallest CSIRTs structures being made of a couple of people, some even only being involved part-time, to structures made of dozens of employees with a capability to deal with incidents 24/7.The 6 steps to successful security incident handling.

To help dealing with such incidents, the SANS Institute, whose goal is to empower cybersecurity professionals with the practical skills and knowledge they need, has developed a list of steps for proper incident handling.

Let's dive in those steps to see how they help incident response.

Develop incident response plans for every kind of incident that might target the company.

Every incident should be seen as an opportunity to improve the whole incident handling process in the company.

News URL

https://www.techrepublic.com/article/cybersecurity-incident-response-the-6-steps-to-success/

#cybersecurity #incidentresponse