Dustin Decker

Incident Response

In the fields of computer security and information technology, computer security incident management involves the monitoring and detection of security events on a computer or computer network, and the execution of proper responses to those events. Computer security incident management is a specialized form of incident management, the primary purpose of which is the development of a well understood and predictable response to damaging events and computer intrusion.

https://en.wikipedia.org/wiki/Computer_security_incident_management

Lifecycle management is the process of managing the lifecycle of a product. Lifecycle management starts at the very beginning of the product in the design phase and continues through end of life or retirement of the product.

When we discuss Incident Response, we’re really talking about operating within a framework that’s circular and repetitive. Action items such as Preparation, Detection & Analysis, Containment/Recovery, and Learning may at first appear to be linear management activities.

A maturing view will quickly reveal that the order can and will change based on a number of factors. It can feel confusing – where’s the cart, and where’s the horse?

Where do your business and daily activities fall on these journeys?

What Comes First?