Develop and Implement a Security Incident Management Program – Phase 2: Operate

Author(s): Celine Gravelines, Logan Rohde

Operate with efficiency and effectiveness as new incidents are handled. The activities in this phase will enable you to:

  • Streamline the incident handling process based on best practices.
  • Develop specific incident runbooks to correspond with relevant incidents in order to quickly identify the response process and eliminate ambiguity when handled by different individuals.
  • Perform effective post-incident analysis to learn from incidents and prevent reoccurrences.

Tags

NIST, security incident response, detect security events, analyze, contain, eradicate, recover, post-mortem, use case, security metrics, incident communication, cybersecurity response, incident handling, cyber incident response

Related Content: Security

Thought model representing Develop and Implement a Security Incident Management Program – Phases 1-3

Develop and Implement a Security Incident Management Program – Phases 1-3
Thought model representing The Connected Factory Storyboard

The Connected Factory Storyboard
Thought model representing Present Security to Executive Stakeholders Storyboard

Present Security to Executive Stakeholders Storyboard
Thought model representing The Connected Factory

The Connected Factory
Thought model representing Present Security to Executive Stakeholders

Present Security to Executive Stakeholders
© Info-Tech Research Group | Terms of Use | Privacy Policy