Keeping organizational information assets secure in today’s interconnected computing environment is a true challenge that becomes more difficult with each new “e” product and each new intruder tool. Most organizations realize that there is no one solution or panacea for securing systems and data; instead a multi-layered security strategy is required.
Motivators driving the establishment of our Emergency Response Team.
- a general increase in the number of computer security incidents being reported
- a general increase in the number and type of organizations being affected by computer security incidents
- a more focused awareness by organizations on the need for security policies and practices as part of their overall risk-management strategies
- new laws and regulations that impact how organizations are required to protect information assets
- the realization that systems and network administrators alone cannot protect organizational systems and assets
What Are the Questions?
As organizations begin to build their incident response capability, they are looking to determine the best strategy for putting such a structure in place. They not only want to know what has worked well for others, but also want some guidance on the process and requirements they must follow to establish an effective incident response capability.
There is not a standard set of answers to these questions. Emergency Response Tactics are as unique as the organizations they serve, and as a result, no two teams are likely to operate in the exact same manner. It is important for the organization to decide why it should have a ready to act Response team and what the team has to achieve. Once this is determined, then the unique set of answers to these questions can be formulated.