Word of the Day: incident response

Word of the Day Daily updates on the latest technology terms |January 2, 2018

incident response Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident, or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. Any incident that is not properly contained and handled can -- and usually will -- escalate into a bigger problem that can ultimately lead to a damaging data breach or system collapse. Responding to an incident quickly will help an organization minimize losses, mitigate exploited vulnerabilities, restore services and processes, restore confidence and reduce the risks that future incidents pose.   An incident response plan can benefit an enterprise by outlining how to minimize the duration of and damage from data breaches, denial of service/distributed denial of service attacks, network intrusions, virus, worms or malware outbreaks or insider threats. Without an incident response plan in place, an organization may not detect the attack, or it may not follow best practices to contain the threat, comply with legislative directives and recover from a breach that has been detected. To be effective, the plan should identify and describe the roles and responsibilities of the incident response team members who are responsible for testing the plan on a regular basis and putting it into action when required. The plan should also specify the tools, technologies and physical resources that must be in place to recover breached information. Read more... Quote of the Day "The incident response policy should be embedded in the hearts and minds of the response team via regular drills, practice and repetition -- particularly including creative war-gaming exercises." - Johna Till Johnson   Trending Terms CSIRT incident response plan data breach computer forensics threat intelligence vulnerability analysis   Learning Center How automated incident response can help security Automated incident response could ease some of the current burden on security professionals. Here's a look at how it helps. Crafting a cybersecurity incident response plan, step by step Is your cybersecurity incident response plan the best it can be? Follow the detailed and actionable guidance offered in this handbook, and it will be. Make your incident response policy a living document An incident response policy must be carefully devised, but also regularly updated, and always effectively communicated to all personnel. IT incident response ditches root cause analysis process IT incident response has evolved beyond the root cause analysis process with DevOps culture and highly complex distributed infrastructures. Simple steps to improve the IT incident management process An effective IT incident management process means ops teams can put out fires before they become infernos. You can refine efforts in three steps. Writing for Business Most major security breaches ____________ human error. a. can be attributed to b. are due to Answer   Stay In Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com   Visit the Word of the Day Archives and catch up on what you've missed!   FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2016 TechTarget. All rights reserved.