Experience shows that most organizations do not think about how to respond to a computer security incident until after they have been hit significantly. They have not assessed the business risk of not having formal incident-detection and response mechanisms in place. More often than not, organizations receive reports informing them that they are involved in an incident originating from some other party rather than identifying the incident themselves. This is called the trial-by-fire approach.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
