Incident Response

Last updated on June 5, 2024

Description

 

Incident response (or cybersecurity incident response) refers to an organization’s processes and technologies for preventing, detecting, and, responding to cyberthreats, security breaches or cyberattacks. A formal incident response plan assists an organisation in planning for a cyber event by identifying general roles, responsibilities, communications, actions and responses ahead of an actual cyber-event.

Outcomes


 

  • Ability to manage active cyberattacks.
  • Defined procedures, roles, and responsibilities to manage security incidents and breaches. 
  • Improved incident response time.
  • Informed and tested incident response procedures.
  • Ability to identify and contain intruders in their system. 

Resources

 


Cybersecurity Incident Response Process
A breakdown of the incident response process using the SANS PICERL incident response model.

Incident Response Plan Template
An template designed to support an organized response to security incidents.

Developing Your Incident Response Plan
Your incident response plan includes the processes, procedures, and documentation related to how your organization detects, responds to, and recovers from incidents.

Cybersecurity Alerts
Cybersecurity alerts provide timely information about current security issues, vulnerabilities, and threats.

SIRT Terms of Reference
Terms of Reference document created for Security Incident Response Teams.

Download all Resources (.zip)