Getting Ready for Incident Response

Iod: I think it's important to have a framework for auditors showing up, being internal or external. He says the most well established is the nist of special p 861. Another great framework is the mitr attack framework which looks at all threat vectors and quantifies how well you're able to do it. sands incident response includes prepare, identify, contain, eradicate, recover and lessons learned.