The IT Law Wiki


32,062pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

Containment focuses on preventing the spread and effects of malware.

Containment "the process of limiting the effects of a hostile action once it occurs."[1]

Overview Edit

Containment is important to prevent an incident from continuing to inflict damage or overwhelming a firm's resources. The strategy to contain a malware infection will be different than the strategy to contain a network intrusion. An essential part of containment is decision making, e.g., whether to shut down a system, disconnect it from a network or disable certain functions. Such decisions can be made quickly and effectively if there are predetermined strategies and procedures for containing the incident.

References Edit

  1. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues, at 69.

Also on Fandom

Random Wiki