Management of Information Security Incidents
Management of Information Security Incidents
Author(s): Daniel CostinSubject(s): Business Economy / Management, Micro-Economics
Published by: EDITURA ASE
Keywords: Security Event; Security Incident; Containment; Recovery; Investigation;
Summary/Abstract: Reporting information security events. Reporting information security weaknesses. Responsible for handling incidents should be a Central Security Incidents Response Team (CSIRT). The incident response process has several phases, from initial preparation through post-incident analysis. The initial phase involves establishing and training an incident response team, and acquiring the necessary tools and resources. During preparation, the organization also attempts to limit the number of incidents that will occur by selecting and implementing a set of controls based on the results of risk assessments. Detection of security breaches is thus necessary to alert the organization whenever incidents occur. In keeping with the severity of the incident, the organization can act to mitigate the impact of the incident by containing it and ultimately recovering from it. After the incident is adequately handled, the organization issues a report that details the cause and cost of the incident and the steps the organization should take to prevent future incidents.
Journal: Revista de Management Comparat Internațional
- Issue Year: 10/2009
- Issue No: S2
- Page Range: 1038-1044
- Page Count: 7
- Language: English