Abstract
A security incident is an insider or adversary event that can impact an organization's assets and compromise their security goals (e.g., confidentiality, integrity, availability, access control).
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Alsmadi, I. (2019). Incident Response. In: The NICE Cyber Security Framework. Springer, Cham. https://doi.org/10.1007/978-3-030-02360-7_13
DOI: https://doi.org/10.1007/978-3-030-02360-7_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02359-1
Online ISBN: 978-3-030-02360-7
eBook Packages: Engineering, Engineering (R0)