The initial signs that you have a security incident on your hands are rarely black and white. Perhaps you got a call from law enforcement that they’ve seen your confidential data in the wild. Or, maybe a trading partner reported unusual activity. Even when the alert comes from your own security operations centre (SOC), the first questions you have to ask yourself are “Is this a real incident?” and “How should I respond?”
A rapid response in the first 72-hours is critical. Whilst all organisations want to quickly resolve the incident, in order to know how you should respond it is important to first understand what type of incident you are dealing with.
Download this report to understand:
What type of incident you are dealing with
The nature and scope of the incident
How to identify the course of action that will be most effective at removing the attacker while balancing the risk to the organisation and the disruption that the response can cause
Please login to your account to download the report.