In this video, learn about the different elements of a procedure, such as the details of standard operating procedures and how these are individualized to each organizational unit.
- [Presenter] At this point, we've created a policy … and then we created a plan to nest underneath that policy. … We started very generically and then we got … a little bit more specific with our plan. … But we still aren't providing a lot … of exact details of what to do. … If you think of it like taking a trip, … our policy might be like making a statement like, … I want to get from New York City to Los Angeles … in order to conduct a business meeting there. … Now notice, I didn't say how we would get there, … just that we wanted to go from one location to the next … and my reason for making that trip. … To meet that purpose and objective, … you could fly, you could take a bus, you could drive a car, … you could even walk if you wanted to because I was very … generic and high-level in my description of my purpose. … Then, if I wanted to be a bit more specific, … I might create a plan to implement this policy. … From my New York to Los Angeles example, … maybe my plan says, we're going to do …
Author
Jason Dion
Released
6/21/2019- Differences between events and incidents
- Elements of policies, plans, and procedures
- The structure of the incident response team
- Selecting a team model
- Leading a team during an incident
- Internal information sharing
- Incident prevention
- Detection and analysis
- Containment, eradication, and recovery
- Calculating the cost of an incident
Skill Level Beginner
Duration
Views
-
Introduction
-
The need for a plan2m 34s
-
1. Incident Response Planning
-
Events and incidents4m 56s
-
Elements of a policy6m 12s
-
Elements of a plan5m 13s
-
Elements of a procedure3m 42s
-
-
2. Incident Response Team
-
Different team models6m 46s
-
Selecting a team model6m 3s
-
Incident response personnel5m 13s
-
Organizational dependencies6m 23s
-
3. Communication
-
Coordinating your efforts3m 58s
-
Internal information sharing3m 33s
-
Business impact analysis1m 48s
-
Technical analysis4m 4s
-
External information sharing3m 57s
-
-
4. Preparation
-
Preparation2m 14s
-
Hardware and software4m 22s
-
Software resources2m 56s
-
Incident prevention6m 34s
-
-
5. Detection and Analysis
-
Attack vectors5m 18s
-
Detecting an incident4m 25s
-
Indicators of compromise3m 50s
-
Conducting analysis5m 30s
-
Documenting the incident3m 21s
-
Prioritizing the incident5m 28s
-
Notification procedures2m 11s
-
-
6. Containment, Eradication, and Recovery
-
Containment strategies6m 29s
-
Identifying the attacker3m 4s
-
Eradication and recovery4m 54s
-
-
7. Post-Incident Activity
-
Lessons learned3m 48s
-
Metrics and measures3m 15s
-
Retaining the evidence2m 9s
-
Calculating the cost2m 10s
-
-
Conclusion
-
What to do next2m 17s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Elements of a procedure