Objectives of a Security Incident Response

The major objectives are to:

• Minimise business losses and subsequent liabilities to the company;
  
• Minimise the possible impact of the incident in terms of information leakage, corruption and system disruption, etc.;
  
• Ensure that the response is systematic and efficient and that there is prompt recovery for the compromised system;
  
• Ensure that the required resources are available to deal with incidents, including manpower, technology, etc.;
  
• Ensure that all responsible parties have a clear understanding regarding the tasks they need to perform during an incident by following predefined procedures;
  
• Ensure that all response activities are recognised and coordinated;
  
• Prevent further attacks and damage; and
  
• Deal with related legal issues.
  

No matter how good the risk mitigation measures may be in reducing the impact of a security incident and the probability of incidents, an incident may hit you unexpectedly! You must be prepared.