The incident response team’s goal is to coordinate and align key resources and team members during a cyber security incident to minimize impact and restore operations as quickly as possible. This includes the following critical functions: investigation and analysis, communications, training, and awareness as well as documentation and timeline development.

  • Determine and document the scope, priority, and impact.
  • Define and categorize security incidents based on asset value/impact.
  • Document and educate team members on appropriate reporting procedures.
  • Collect relevant trending data and other information to showcase the value the IR team can bring to the overall business.
  • Investigate root cause, document findings, implement recovery strategies, and communicate status to team members.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.