The Current State of Incident Response Capabilities
Every organization has some sort of incident management capability, either structured or unstructureThe information security manager must determine the current state of capability. This will help them understand the areas in need of further improvement. An information security manager can determine the current state in any of the following ways:
- The current state can be determined by conducting a survey of senior management, business managers, and IT employees. This will help them understand the perception of the focus group about incident management capabilities.
- The current state can also be determined by self-assessment. This can be done by comparing the current processes with some standard criteriIn this method, the views of other stakeholders are ignored, and this can be a major challenge.
The current state can be determined by external assessment or audit. This is the most comprehensive method as it involves...