An article written by the Director of D3’s Cyber Security Practice, Stan Engelbrecht, is currently featured on SecurityWeek. Stan’s article is the first in a three-part series on often-overlooked steps in the incident response process. The following is a brief excerpt from the article. Head over to SecurityWeek to read the piece in its entirety.
Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.
Broadly put, there are three phases to an IR plan: Preparation, Response, and Post-Incident. In this three-part series, I’ll cover the important steps in each phase that many organizations overlook.
This article originally appeared on SecurityWeek.