The National Institute of Standards and Technology (NIST) announced recently that it had released the final version of its Computer Security Incident Handling Guide. The Guide contains a new section on the importance of information sharing and coordination between agencies.
The revised NIST guide provides step-by-step instructions for new, or well-established, incident response teams to create a proper policy and plan. NIST recommends that each plan should have a mission statement, strategies and goals, an organizational approach to incident response, metrics for measuring the response capability, and a built-in process for updating the plan as needed. The guide recommends reviewing each incident afterward to prepare for future attacks and to provide stronger protections of systems and data.
The announcement contains a link to the Guide.
Hat tip to Alan Goldberg (again).
E-mail:@senseient.com Phone: 703-359-0700