Getting enterprise support
Because security incidents can reach broadly across the organization, complete enterprise support is required when an incident is raised and action must be taken. Even the simplest external attack will involve a minimum of three teams to investigate and take action: security, network, and systems, because the attack traverses the network and the security tools and eventually reaches the target system. For the attack in this example to receive proper attention, there has to be a predefined agreement on the expected response time for the incident type and on which members of each team need to be involved. The fact is that incidents are inconvenient and do not occur according to the team's ability to respond. Their unexpected nature requires that whatever is actively being worked on be halted and that immediate response action be taken for the incident. Mandating the importance to be given to security incidents will need a senior management directive.
Once the...