The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the management of the actual response process, the CISO must also be able to efficiently communicate the ongoing activities and status to the executive level. While the IR process is mostly technical, reporting to the organization’s management should take place on a much higher level in order for the non-security -savvy executives to understand. To assist CISOs with these tasks, Cynet created the IR Management and Reporting PowerPoint template (download here) which apart from providing an actionable response framework, is also clear and intuitive for the executive level. Let’s drill down on the two aspects of the template: IR Management The template was built on the SANSNIST framework which includes the following stages: Identification This stage includes all activities that relate to the initial discovery of malicious presence and activity. It covers a wide range of potential scenarios – discovery carried out by the internal security team or by an external entity, was it in the context of the standard security protocols or a mere coincidence. This stage includes also an initial risk estimation for onward steps. Containment Following the initial identification, there is a critical…
govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-02-12 09:00:002020-02-12 09:00:00Report to Your Management with the Definitive ‘IR Management and Reporting’ presentation Template
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com