In this video, discover how to prioritize the incident based on its business impact, economic impact, or other factors.
- [Narrator] At this point in our detection and analysis … we need to prioritize the incidents … that we're dealing with. … you may have dozers or even hundreds of events per day … But even within those categories, … so we can best allocate our resources … to resolving these possible incidents. … Different organizations are going to use different methods … to prioritize their incidents. … Some organizations like to use a functional impact … to the company. … When prioritizing incidents … the organization is concerned with determining how severe … the impact to the business's daily operations are. … Now for example, if you're an eCommerce business … Since if you can't accept credit cards … Within the functional impact category, … as high, medium, low, or none. … to any of its users. … to some of its users. … all critical services, … but may they may have lost some of their efficiency. … Now a different way of prioritizing impact … In this assessment, the incident handlers … are trying to determine the impact on confidentiality, …
Author
Jason Dion
Released
6/21/2019- Differences between events and incidents
- Elements of policies, plans, and procedures
- The structure of the incident response team
- Selecting a team model
- Leading a team during an incident
- Internal information sharing
- Incident prevention
- Detection and analysis
- Containment, eradication, and recovery
- Calculating the cost of an incident
Skill Level Beginner
Duration
Views
-
Introduction
-
The need for a plan2m 34s
-
1. Incident Response Planning
-
Events and incidents4m 56s
-
Elements of a policy6m 12s
-
Elements of a plan5m 13s
-
Elements of a procedure3m 42s
-
-
2. Incident Response Team
-
Different team models6m 46s
-
Selecting a team model6m 3s
-
Incident response personnel5m 13s
-
Organizational dependencies6m 23s
-
3. Communication
-
Coordinating your efforts3m 58s
-
Internal information sharing3m 33s
-
Business impact analysis1m 48s
-
Technical analysis4m 4s
-
External information sharing3m 57s
-
-
4. Preparation
-
Preparation2m 14s
-
Hardware and software4m 22s
-
Software resources2m 56s
-
Incident prevention6m 34s
-
-
5. Detection and Analysis
-
Attack vectors5m 18s
-
Detecting an incident4m 25s
-
Indicators of compromise3m 50s
-
Conducting analysis5m 30s
-
Documenting the incident3m 21s
-
Prioritizing the incident5m 28s
-
Notification procedures2m 11s
-
-
6. Containment, Eradication, and Recovery
-
Containment strategies6m 29s
-
Identifying the attacker3m 4s
-
Eradication and recovery4m 54s
-
-
7. Post-Incident Activity
-
Lessons learned3m 48s
-
Metrics and measures3m 15s
-
Retaining the evidence2m 9s
-
Calculating the cost2m 10s
-
-
Conclusion
-
What to do next2m 17s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Prioritizing the incident