Welcome to the SecAware blog

I spy with my beady eye ...

8 Jun 2010

Classifying information security incidents

Information security incidents come in all shapes and sizes, ranging from nil or negligible impact through to total devastation.  Quickly classifying incidents as the initial information comes to light (in terms of the nature of the incident and the scale or gravity of it) is a good way to decide what kind of response is appropriate.  Do we add it to a to-do list for someone in IT, or call out the Army?  GovCertUK's scheme suits incidents that may have a national impact but it's not hard to create something more useful for the average organization using theirs as a template or starting point.

For a more involved scheme, check out the Verizon Incident Sharing Framework

Regards, Gary

No comments:

Post a Comment