Information security incidents come in all shapes and sizes, ranging from nil or negligible impact through to total devastation. Quickly classifying incidents as the initial information comes to light (in terms of the nature of the incident and the scale or gravity of it) is a good way to decide what kind of response is appropriate. Do we add it to a to-do list for someone in IT, or call out the Army? GovCertUK's scheme suits incidents that may have a national impact but it's not hard to create something more useful for the average organization using theirs as a template or starting point.
For a more involved scheme, check out the Verizon Incident Sharing Framework
No comments:
Post a Comment
The floor is yours ...