Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Incident Response in the Age of Cloud

You're reading from   Incident Response in the Age of Cloud Techniques and best practices to effectively respond to cybersecurity incidents

Arrow left icon
Product type Paperback
Published in Feb 2021
Publisher Packt
ISBN-13 9781800569218
Length 622 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Dr. Erdal Ozkaya Dr. Erdal Ozkaya
Author Profile Icon Dr. Erdal Ozkaya
Dr. Erdal Ozkaya
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Getting Started with Incident Response 2. Incident Response – Evolution and Current Challenges FREE CHAPTER 3. How to Organize an Incident Response Team 4. Key Metrics for Incident Response 5. Methods and Tools of Incident Response Processes 6. Incident Handling 7. Incident Investigation 8. Incident Reporting 9. Incident Response on Multiple Platforms 10. Cyber Threat Intelligence Sharing 11. Incident Response in the Cloud 12. Building a Culture of Incident Readiness 13. Incident Response Best Practices 14. Incident Case Studies 15. Ask the Experts 16. Other Books You May Enjoy
17. Index

Why do we need incident response?

Incidents are on the increase and it has become apparent that if they are not contained properly, they can easily escalate into issues that can damage an organization. A reliable solution is to prepare adequately on how to address security incidents when they happen. IR enables organizations to take essential steps to address the ever-present threat of cyber threats.

Therefore, IR is a necessity in organizations today. Poor handling of incidents can lead to the escalation of manageable security events into catastrophes. As recent reports from security incidents have shown, IR helps organizations to mitigate attacks, minimize losses, and even prevent future security incidents.

To achieve the best outcomes from IR processes, the organization should ensure that it acts with speed immediately after a security event is detected. However, before executing the mitigative actions, the nature and extent of the security incident have to be determined. In the short term, the organization ought to focus on deploying resources to combat the active threat and return the organization to normalcy. This should be done in parallel with seeking assistance from law enforcement and third parties to assist with tracking down the cause. In the long term, IR activities can be focused on identifying the cause of the threat to find permanent fixes, improving the security tools used to ensure better detection and prevention, prosecuting the culpable parties, and addressing reputational damage.

Despite the reliance on conventional cybersecurity approaches that are heavily reliant on security tools, new threats can be best mitigated by people and processes. Hence, IR, which combines the efforts of security tools with people and processes, will often lead to more effective solutions. Organizations must, however, continually evaluate their IR plans and teams to ensure that their effectiveness improves over time. Nonetheless, the importance of IR in modern IT environments cannot be underestimated.

You have been reading a chapter from
Incident Response in the Age of Cloud
Published in: Feb 2021
Publisher: Packt
ISBN-13: 9781800569218
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image