Summary
This chapter sets the stage for the rest of this book.“Incident response” means responding to “incidents,” events that happen in computing systems and networks that threaten security.“Security” has traditionally translated to the need for confidentiality, integrity and availability (CIA), so in the most fundamental sense, incidents involve some kind of compromise of CIA.
Security-related incidents have become substantially more diverse in nature, however; incidents such as reconnaissance attempts, repudiation of transactions, organized crime activity, subversion, extortion attempts, and hoaxes are becoming more common. Incident response has become increasingly important because of the growing difficulty of securing systems and networks, ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
