A planned methodology for security incident handling and response is used to manage security incidents, breaches, and cyber threats. Incident response is defined as the set of technical actions performed to analyse, detect, defend against and respond to an incident, whereas incident handling is defined as the set of methods and predefined procedural actions used to handle and manage an incident in an efficient and actionable way.
Security incident handling and response methodology includes the following:
- Developing an Incident Response (IR) plan
- Incident Management (IM)
- Incident Triage
- Incident Categorisation
- Escalation and decision making
- Core technical response
- Post incident review
- Playbooks and regulatory issues
It’s essential that good practices such as the ones highlighted above are followed, as companies rely on this response not only to protect themselves, but also to protect their public perception.