SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsNo matter how well your network is protected, eventually there will be an incident that you are not prepared to handle by yourself. It could be because the problem is beyond your technical capabilities, or it could be because you have not been empowered to make the necessary decisions or to take the necessary actions. Does you're company have a plan for this contingency? No company's security policy should be considered complete until procedures are put into place that allow for the handling and recovery from even the most devastating of incidents. One possible solution is the inclusion a Computer Incident Response Team (CIRT) within the company's incident response procedures. This paper is designed to answer the big questions about Computer Incident Response Teams including: What is a CIRT? Who should be on a CIRT and what function will they serve? And, What steps need to be taken to implement a CIRT?