))
Episode 5 - NIST SP 800-61 Computer Security Incident Handling Guide (Post-Incident Activity)
Manage episode 423476019 series 3578563
Content provided by Clint Marsden. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Clint Marsden or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This is the biggest episode from a content perspective so far. I'm excited to share it with you.
Episode Highlights:
- How to run post-incident debriefs and post-mortems.
- Involving external teams
- Using lessons learned to form actionable insights.
- Key questions to address in incident analysis.
- Effective report writing strategies, including timelines and executive summaries.
- Evaluating and improving incident response procedures and tools preparation.
- Engaging broader teams in the debrief process for better cooperation.
- Tracking and documenting incident response efforts for continuous improvement.
Key Takeaways:
- Post-incident debriefs and post-mortems afford the most value for learning, improving incident response and preventing reoccurance.
- Using structured frameworks and guidelines, like NIST 800-61, provide valuable direction for how to run your debrief and post-mortem meeting.
- Effective communication, documentation, and cooperation across teams enhance incident handling and future preparedness.
11 episodes
Share
