Handling Computer Security Incidents: NIST Issues Updated Guidelines

This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-61-1, Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology. Written by Karen Scarfone and Tim Grance of NIST and by Kelly Masone of Booz Allen... See full abstract

This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-61-1, Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology. Written by Karen Scarfone and Tim Grance of NIST and by Kelly Masone of Booz Allen Hamilton, SP 800-61-1 provides practical guidance to help organizations establish an effective incident response program, analyze and respond to information security incidents, and reduce the risks of future incidents. The bulletin covers the procedures and solutions for detecting, analyzing, prioritizing, and handling incidents, and presents NIST's recommendations concerning the establishment of incident response capabilities, the procedures for incident handling and reporting, the relationships between the incident response team and other groups, and the continual monitoring of incident response activities.
Hide full abstract