Over the last year or so, the cybersecurity winds have shifted once again. With the onslaught of new detection engines, CISOs need ways to collect, process, analyze, and react to volumes of incident detection data in a timely fashion so they can actually respond to incidents. Why the change? Incident response (IR) is where technology meets humanity as it depends upon the instincts, experience, skills, and methodologies of really smart people. These individuals, and the processes they create, are the essential ingredients for discovering and addressing cyber-attacks efficiently and effectively – at each and every organization.
via Incident Response: More Art than Science | Network World