Security Incident cycle
The course is part of this learning path
No system is perfect
It can be frustrating when you’ve worked hard to prepare but something still goes wrong. We’ve all been there.
Whether packing for a holiday but forgetting plug adapters or working towards a deadline but a flurry of activity late Friday afternoon distracts you from actually sending the document in time – life happens. What’s important is that we
can identify what went wrong and figure out a way to ensure that it doesn’t happen again. The same goes with your systems.
No system is perfect, incidents happen, but what’s meant by the term ‘incident’? The NCSC definition of a cyber incident is:
Before any incident occurs, the organisation should have an incident response plan, and regular incident response drills should be carried out to ensure the procedures work efficiently. These drills are likely to identify process and technology issues that need to be addressed.
The NCSC say:
'Incidents can be opportunistic or targeted, and threats can originate from outside and inside your organisation. But, whatever the nature of the threat, only one thing can help you deal well with a cyber incident - good preparation.'
With good preparation in mind, this is what to expect from the security incident management process:
- Creating an incident response plan
- Protecting the evidence
- Defining an incident
- Launching investigations
You’ll now move on to find out what kind of impact incidents can have on an organisation, and how best to respond.
In this module you’ll discover the close relationship between business continuity, disaster recovery and incident management.
A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.