Five Mistakes of Incident Response

by Dr. Anton Chuvakin
Oct. 2, 2017 0 comments Infosecwriters Detection & Response incident handling

All organizations have to care about security incident response! Unlike detection and prevention, the response is impossible to avoid. While it is not uncommon for the organizations to have weak prevention and detection capabilities, response will have to be there since the organization will often be forced into response mode by the attackers (be it the internal abuser, omnipresent ‘script kiddy’ or the elusive ‘uber-hacker’). The organization will likely be made to respond in some way after the incident has occurred.