Summary
As the discipline of incident response continues to evolve, there remains a lack of consistency in defining what a computer incident is or encompasses. Defining an incident is difficult “because attacks and incidents are a series of steps that an attacker must take. In other words, attacks and incidents are not just one thing but rather a series of things.”[6] An action that is considered to be an incident by one organization may not be considered an incident by another organization. In many regards, the definition of what a computer incident is remains subjective and should be outlined by the organization. When defining the term for an organization or, more importantly, considering the types of activity to be considered an incident, ...
Get Effective Incident Response Team, The now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
