Computer Emergency Response Team (CERT)
A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …
Root Cause Analysis
A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.
Business Continuity and Disaster Recovery Plan
A Business Continuity and Disaster Recovery (BCDR) Plan is a set of techniques and processes that are used by organizations to assist in recovering from a disaster and resuming everyday …
Revision
Revision refers to the final aspect of incident response, that of revising procedures and systems to ensure an incident doesn’t occur again. During this part of the process, organizations must …
Containment
Containment refers to the limiting and preventing of further damage to a computer system or network. Containment is a part of incident response, right before the eradication of the threat. …
Security Event and Incident Management (SEIM)
Security Event and Incident Management (SEIM) refers to cyber security products and services that provide real time analysis, monitoring, and alerting on security logs and generated by applications, hosts, …
Incident Response Plan
An Incident Response Plan is a set of predetermined and documented procedures to detect and respond to a cyber incident. This is the actual procedure carried out if there is …
Incident Reponse
Incident Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. Incident Response in cybersecurity work is where a team responds …
Response
Response is the activities that address the short-term, direct effects of an incident and may also support short-term recovery. In cybersecurity, response encompasses both automated and manual activities. Related Term: …