Published: 25 September 2013
Summary
Increased complexity and frequency of attacks, combined with reduced effectiveness of preventative controls, elevate the need for enterprise-scale security incident response. This assessment covers ways of executing incident response in the modern era of cybercrime, APT and evolving IT environments.
Included in Full Research
- Introduction
- Security Incident Response Priority Today
- Trends Affecting Security Incident Response
- Organize for Security Incident Response
- Defining Security Incidents
- Incident Definition Examples
- Define Enterprise Security Incident Response
- Understand Security Incident Response and Compliance
- "Peopling" Up for IR
- Tooling Up for IR
- IR Processes and Planning Essentials
- Planning for Security Incident Response
- Detect Security Incidents
- IR and Monitoring
- Next-Generation Detection Equals Discovery
- Baselining for Detection
- IR and Intelligence
- APT IR: Detection
- Investigate and Remediate Security Incidents
- Continuous Incident Investigation
- Incident Remediation
- APT IR: Remediation and Containment
- Strategic Remediation and Lessons Learned
- Postmortem
- That Attribution Question
- Incident Response Maturity
- Future of IR
- Strengths
- Weaknesses