From the course: CCSP Cert Prep: 5 Cloud Security Operations Audio Review

Incident management

- [Instructor] As much as we try to build security controls that reduce the likelihood and impact of security incidents, bad things sometimes happen. In chapter eight, we talked about the controls that we can implement to manage security incidents better. First and foremost, we need to have a structure in place to manage incidents. Having structure allows us to manage security incidents in a repeatable and organized fashion. The first step in incident response is identifying that an incident is taking place or took place. The SOC might identify a potential incident through security monitoring tools, or we might be notified of an incident by an employee or even an external party. Once we identify an incident, we have to triage it and determine whether it requires escalation and the notification of the incident response team. Many of the incident reports that we receive aren't serious and don't require immediate attention. The…
