Summarize on Protecting National Infrastructure - RESPONSE


In Chapter 11, we have seen that incident response is an organization's reaction aimed at halting and recovering from a security incident, and that the response plan must be in place before the incident occurs. The goal of having an incident response plan is to ensure that your organization is fully prepared for, and ready to respond to, any level of cyber security incident quickly and effectively. A cyber security program will contain at least the following: incident trigger, expert gathering, incident analysis and response activities (Amoroso, 2012).

We have also seen pre- versus post-attack response. There are two fundamental types of triggers: tangible, visible effects of an attack, and early warning and indications information. Thus, the two approaches to incident response processes are front-loaded prevention and back-loaded recovery. The two approaches should be combined for a comprehensive response picture. Protecting national assets is worth suffering a high number of false positives.

The optimal incident response team includes two components: a core set of individuals and a set of subject matter experts. Response teams in a national setting must plan for multiple concurrent attacks aimed at a company or agency. Another topic is forensic analysis: an internal expert is most likely the best person to lead a company investigation. A disaster recovery program is nothing but preparation, planning and practice.

Finally, we have seen that national response programs can provide centralized coordination, and that intrasector coordination should be encouraged. Currently, coordination is not the main focus of most national emergency response team programs.