Abstract
A security incident is an insider or adversary event that can impact organization assets and compromise their security goals (e.g., confidentiality, integrity, availability, access control).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Bibliography
Bejtlich R (2010) CIRT-level response to advanced persistent threat. SANS Forensics Incident Response Summit
Bellovin SM, Landau S, Lin HS (2017) Limiting the undesired impact of cyber weapons: technical requirements and policy implications. J Cybersecur 3(1):59–68. https://doi.org/10.1093/cybsec/tyx001
Campbell T (2003) An introduction to the computer security incident response team (CSIRT) set-up and operational considerations. Global information assurance certification paper. giac.org
Cichonski P, Millar T, Grance T (NIST), Scarfone K (Scarfone Cybersecurity) (2012) NIST Special publication 800-61, SP 800-61 Rev. 2. Computer security incident handling guide, August 2012
Gennuso K (2012) Shedding light on security incidents using network flows. SANS. https://www.sans.org/reading-room/whitepapers/incident/shedding-light-security-incidents-network-flows-33935
Incident Response Plan (2018) Document version: 1.0.0. http://www.i-assure.com, www.i-assure.com/wp-content/uploads/dlm.../RMF_Incident-Response-plan.docx
Information security Technologies to Secure Federal Systems (2004) GAO report to congressional requesters. GAO-04-467. www.gao.gov.
InfoSec Nirvana (2015) Part 2, Incident classification, security investigation series. http://infosecnirvana.com/part-2-incident-classification/
ISO/IEC 27035 (2018) http://www.iso27001security.com/html/27035.html
Kumari W, McPherson D (2009) Remote triggered black hole filtering with unicast reverse path forwarding (uRPF). Network working group, request for comments: 5635
Lewis L (1993) A case-based reasoning approach to the management of faults in communications networks. CAIA
Libicki M (2017) Second acts in cyberspace. J Cybersec 3:29–35
Mehta L (2014) Top 6 SIEM Use Cases—InfoSec Institute. http://resources.infosecinstitute.com/top-6-seim-usecases/. Accessed 6 Sept 2014
Olson L, Blackwell A (1990) Understanding network management with OOA. IEEE network magazine
Sang-Hun C (2016) Computer networks in South Korea are paralyzed in cyberattacks. New York Times. http://www.nytimes.com/2013/03/21/world/asia/southkorea-computer-network-crashes.html. Last Accessed 26 June 2016
Trivedi K (2007) A standards-based approach for offering a managed security service in a multivendor network environment. Internet Protocol J 10(3)
Zhang E (2017) What is event correlation, examples, benefits and more. Digi Guardian, https://digitalguardian.com/blog/what-event-correlation-examples-benefits-and-more
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Alsmadi, I. (2019). Incident Response. In: The NICE Cyber Security Framework. Springer, Cham. https://doi.org/10.1007/978-3-030-02360-7_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-02360-7_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02359-1
Online ISBN: 978-3-030-02360-7
eBook Packages: EngineeringEngineering (R0)