Fandom

The IT Law Wiki

Incident response plan

32,198pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definitions Edit

An incident response plan is

[a] set of predetermined and documented procedures to detect and respond to a cyber incident.[1]
[t]he documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against an organization's information system(s).[2]

Overview Edit

The response should be measured first and foremost against the "service being provided," not just the system that was compromised. If an incident is discovered, there should be a quick risk assessment performed to evaluate the effect of both the attack and the options to respond. For example, one possible response option is to physically isolate the system under attack. However, this may have such a dire impact on the service that it is dismissed as not viable.

References Edit

  1. NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
  2. 12 FAM 090 (full-text).

Also on Fandom

Random Wiki