7 Steps to Improve Security Incident Handling

7 Steps to Improve Security Incident Handling
New NIST Guidance Targets Computer Incident Response

Establishing an effective incident response program is a key component of an information risk management strategy. And, the National Institute of Standards and Technology has issued draft guidelines to help organizations implement such a program.

NIST Wednesday announced it's seeking public comment on draft Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide, which updates an earlier revision released in 2008.

The rapidly changing threat environment requires new approaches to IT security, and NIST says the revised guidance does that:

"Unlike most threats several years ago, which tended to be short-lived and easy to notice, many of today's threats are more stealthy, specifically designed to quietly, slowly spread to other hosts, gathering information over extended periods of time and eventually leading to exfiltration of sensitive data and other negative impacts. Identifying these threats in their early stages is key to preventing subsequent compromises, and sharing information among organizations regarding the signs of these threats is an increasingly effective way to identify them." Read more.