Incident response success in five quick steps
This article written by Mike Rothman talks about five quick steps for incident response.
Here, his special point is "Grace under Pressure".
The five quick steps are:
1. Write down the plan
A overview plan is a good guidance for what we should do after an incident. We can prepare more before anything bad happen. We can learn from the history, compare the fact, and draw out a plan fit for current situation.
2. Get buy-in
Once the plan is written down, it needs to be circulated amongst the organization's internal IT power brokers to make sure that everyone understands the document the same way and knows their responsibilities.
3. Understand escalation
Having someone accessible at all times to make those kinds of calls is absolutely critical.
4. Practice, practice and then practice some more
Practice always makes perfect. Even in incident response, we may not nature professionals to take calm and effective response to a security incident, but we can make us more professional through practice. We have our plans but never practiced it; then the plan will always be a plan not a practical method.
5. Learn from mistakes
Trial from fault is an important method in Learning Psychology, which is a summary from people's experience. No one can take care of all things perfectly. But we can't let the mistakes alone. Mistake in this time should be a lesson for next time. We can avoid it in the future, that means, we have less chance to make mistake.
Original article links is http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1303541,00.html
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment