Mitigating Risk with a Computer Incident Response Team Plan |
CHAPTER |
COMPUTER SECURITY incidents can result in the loss of confidentiality, integrity, or availability of data or services. Attackers will attack, and incidents will happen. However, an organization can be prepared with computer incident response teams (CIRTs). These teams are trained and have the knowledge and expertise to reduce the damage resulting from attacks. Their actions are guided by a CIRT plan.
The primary purpose of a CIRT plan is to help an organization prepare for incidents and mitigate the damage. The plan identifies members based on their roles and responsibilities. It includes policy statements related to incidents, such as whether CIRT members are authorized to attack back, and detailed information on how to handle incidents.
This chapter covers the following topics and concepts:
When you complete this chapter, you will be able to: