NIST SP 800-86 Guide to Integrating Forensic Techniques into Incident Response 3.6 3.6.1 3.6.2 csc19 Incident Response
This guide from NIST discusses how important forensics can be for an organization during a cyber incident.
This guide from NIST discusses how important forensics can be for an organization during a cyber incident.
This article discusses how to conduct incident postmortems, and why they're important.
This article describes how to build and regularly test your IR plan.
This is a policy template from SANS for incident response management.
This whitepaper from SANS provides basic nomenclature and examples for events and incidents.
This SANS whitepaper details procedural incident response steps, supplemented by tips and tricks for use on Windows and UNIX platforms.
This SANS whitepaper discusses the need for annual incident handling testing and training.
This link from the State of Washington discusses examples of tabletop exercises that can be used during monthly meetings to help organizations prepare for cybersecurity events.
This document provides an overview of items that election officials should take into consideration when developing these policies and plans. Additionally, it provides usable checklists and other resources designed to help develop more in-depth procedures for implementing cyber incident response policies and procedures.
This YouTube video covers key components of an effective incident response plan.