An article in EC-Council Blog gives a good overview of the role of an incident response analyst, but also offers some insight into what factors business owners should look at in developing its own effective incident response plan.
“The incident response plan is a crucial part of any security program. It helps establish and test strategies put in place in the event of a cyber incident to ensure minimal impact. The demand for incident response analysts has been steadily increasing due to the potential vulnerability that cloud services introduce to a system,” reads the article. “Because of the world’s increased device usage and storage needs, cloud services are a huge part of how our data is managed. This, unfortunately, increases the threat surface, which invites more computer security incidents, making effective incident response plans mandatory for most organizations.”
The article looks at OODA Loop (Observe, Orient, Decide, and Act) and provides an explanatory video, as well as covering off the four parts of the incident response lifecycle: preparation, detection and analysis, containment, eradication and recovery, and post-incident activity.
When generating an incident response plan, the article says that corporations should look at the following factors:
Preparation, identification, containment, eradication, recovery and lessons learned.
Source:
https://blog.eccouncil.org/what-does-an-incident-response-analyst-do/
