Colleague Lance Spitzner shared an interesting resource for Incident Response (IR) methodologies today and I'm paying it forward.
The CERT Societe Generale, in cooperation with SANS and Lenny Zeltser, offers a set of guidelines and practices that describe how an organization can respond to a variety of security incidents. Each of these operational best practices describes the order and actions to take if your organization falls victim to events that are becoming all too common: social engineering attack, data breach, worm infection, and more. CERT Societe Generale currently offers 15 such guidelines. All the guidelines follow a common methodology (shown at right).
While these "cheat sheets" are not sufficient to fully prepare you to respond to any incident, they will greatly simplify how you go about preparing your organization. Several of the guidelines point to other valuable resources to use when preparing your response or defining the actions you can take to identify, contain and recover from specific classes of incidents.
Take a few minutes to visit the site. I'm confident that if you browse at least one of these two-page worksheets, you'll download the entire package.