Online Courses
Cyber Incident Response
Online Courses
Cyber Incident Response
  • Cyber Incident Response
  • Incident Response Fundamentals
    • Introduction to Incident Response
    • Why is incident response needed?
    • Incident Response Phases
    • Business Continuity and Disaster Recovery roles
    • Building an IR playbook
    • Building and IR team
    • Quiz
  • Stages of Incident Response
    • Incident definitions and severity criteria
    • Identifying threats and vulnerabilities
    • Incident Response assets inventory and identification
    • Incident identification
      • Incident Response classification levels
      • Communication/notification of an incident
      • Identification tools and techniques
    • Incident containment
      • Determining status of infected/affected computing resources
      • Containment actions
      • Containment tools and techniques
    • Incident investigation
      • Investigation data sources
      • The role of Digital Forensics
    • Incident eradication
      • Cleanup and verification
      • Notification
      • Eradication tools and techniques
    • Incident recovery
      • Service and System restoration
      • Certification and validation of Business Continuity
      • Recovery and restoration tools and techniques
  • Follow Up / Lessons Learned
    • Assessing the team and processes' effectiveness
    • Implementing improvements
    • Feedback from other teams in the organization
    • Quiz
  • Understanding the Incident Response process and tools quiz
Powered by GitBook
On this page
  • Different approaches
  • Immediate implementation
  • Phased implementation
  1. Follow Up / Lessons Learned

Implementing improvements

Different approaches

  • Immediate implementation

  • Phased implementation

Immediate implementation

Should generally be reserved for solutions that:

  • Have very low impact on operations

  • Do not require significant resources or effort from other organizations in the enterprise

  • Address critical failures in the response effort

Phased implementation

May require significant resources and input from other teams

Solutions that may impact operations and other business functions

Will usually require some type of impact assessment

Sometimes things that address critical flaws will still need this approach

  • Communication with other teams was flawed

  • Getting access to tools was flawed

PreviousAssessing the team and processes' effectivenessNextFeedback from other teams in the organization

Last updated 8 months ago