Chapter 12: Dealing with Incident Response Procedures
To protect businesses against disasters, we must have solid incident response plans and procedures. There are many different types of incidents a company will face. For example, dealing with a flood is totally different from dealing with the failure of a server’s hardware. They will have many plans in place, one for each incident, and it is vital that employees know their role in the plan for it to be effective. The plan must be exercised at least on an annual basis to be effective. Let’s look at each of these in turn, beginning with the incident response procedures.
This chapter will deal with incident response and will be divided into the following elements:
- Incident Response Procedures
- Attack Frameworks
- Utilizing Data Sources to Support Investigations
- Knowing how to Apply Mitigation Techniques or Controls to Secure an Environment
- Implementing Cybersecurity Resilience