Technology incident response is a process of investigating and resolving computer security incidents.
A security incident can be of various reasons, from a physical damage – fire, theft, flooding – to logical incidents – passwords compromised, unauthorized access.
With over 25 years of technology experience, I have coordinated and assisted various events related to computer security incidents.
My best advise is that if you suspect a violation of your computer’s security, you should contact your department’s computer or technical support person immediately.
There are certain guidelines which must be followed depending on each type of incident. Do not attempt to perform any repairs without proper consulting if you believe there might be a serious violation involved.
If you need consulting support regarding computer security issues, please contact me privately for an initial assessment and estimate of costs. For obvious reasons I do choose to not list publicly the general steps I would take.
This is not a procedure exclusive to large corporations !
Any company should have adequate procedures in place to protect its assets and even existence. Some of the topics I usually cover are:
- Creating an incident response policy and plan
- Developing procedures for performing incident handling and reporting
- Selecting a team, staffing model and training of the incident response team and other stakeholders
- Determining what services the incident response team should provide
- Setting guidelines for communicating with all parties regarding incidents and establishing relationships between the incident response team and other groups, both internal (e.g., legal department) and external (e.g., law enforcement agencies): businesses should document their guidelines for interactions with other organizations regarding incidents
I have successfully implemented various incident preparedness strategies and also participated in emergency management situations varying from severe fire damage to a company headquarters to federal investigations in data breach.