Security professionals are responsible for preparing their organizations by building a security incident response program. In this video, learn how to develop a solid foundation for an organization's information security incident response program.
- [Instructor] While we strive to protect our systems…and information against a wide variety of threats,…the grim reality is that no matter…how many controls we put in place,…there's still a possibility that we'll fall victim…to a security incident.…As we explore the incident response process in this course,…we'll focus on using a standard set of practices endorsed by…the National Institute for Standards and Technology, NIST.…If you'd like more information on this process,…you can find a complete reference…in the NIST Computer Security Incident Handling Guide.…
It's published online as NIST Special Publication 800-61,…and this guide is widely used as a standard reference…throughout the cybersecurity field.…Every organization should develop…a cybersecurity incident response plan…that outlines the policies, procedures,…and guidelines that the organization will follow…when an incident takes place.…This process is extremely important…because it provides structure and organization…in the heat of a crisis.…
I've been involved in many security incidents…
- Building an incident response program
- Escalation and notification
- eDiscovery process
- Conducting investigations
- System and file forensics
- Reporting and documenting incidents
- Business continuity planning
- Validating backups
- Testing BC/DR plans
Skill Level Intermediate
Q: This course was updated on 06/01/2018. What changed?
A: We updated three videos, covering creating an incident response program, communications plan, and response team.