Incidents can be categorized into runbooks for which a standardized response process can be defined, eliminating inconsistency and ambiguity while increasing operational efficiency. Clearly document use cases that pertain to the incidents commonly faced by your organization.

Customize the Ransomware Runbook by including the following sections for each single endpoint, multiple endpoints, and server infection:

  • Incident summary
  • Escalation process diagram
  • Detailed response procedures
  • Revision history

Align the response procedures with Phase 2: Operate, as outlined in the Develop and Implement a Security Incident Management Program blueprint.

Also In

Develop and Implement a Security Incident Management Program

Create a scalable incident response program without breaking the bank.

Related Content

Hide Details

Search Code: 84312
Published: August 3, 2017
Last Revised: August 3, 2017

Social

Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.