Incident Response Process

1079 Words5 Pages

Incidence Response Process

Introduction
According to experience, we have responded to the variety of incidents such as criminal incidents and incidents that involved civil litigation and incidents that disrupted business but were not actionable (cases where criminal or civil action was unconvincing). Incident response plans for numerous organizations, ranging from financial services institutions to companies that produce mainstream products are also developed by us. We sought to design an incident response process that will work with each type of incident you may encounter, during our various responses and program development engagements. We had tried that the incident response process in this chapter we introduced meets the needs of any organization …show more content…

In addendum to security and IT staff, it may also include the representatives from legal, human resource and public relation departments.

There are six steps for handling an incident most effectively:

1. Planning: For the importance of updated security measures the organization educates users and IT staff. In order to respond to computer and network security incidents quickly and correctly as possible they also well trained.
2. Recognition: To decide whether a particular event is in fact a security incident, the response team is activated. The Computer Emergency Response Team Coordination Center tracks the Internet security activity. The Computer Emergency Response Team has the most current information on viruses and worms and the team may contact to them.
3. Supervision: To prevent further damage the team disconnects all affected systems and devices and tries to determine how far the problem has spread and contains the problem.
4. Removal: To discover the origin of the incident the team investigates the root cause of the problem and all traces of malicious code are …show more content…

In order to resolve an incident the Computer Security Incident Response Team works together. The Computer Security Incident Response Team is an interdisciplinary team. Computer Security Incident Response Team has the appropriate legal, technical, and other expertise necessary. Incident response is not required at all times, because there is a special expertise of the Computer Security Incident Response Team members. When an organization requires its capabilities, the Computer Security Incident Response Team is normally an effectual team accumulation to conduct an initial response process. Many people may find themselves involved in responding to the computer security