IT security requires consistent, developed approaches to identify and eliminate threats. This nine-step summary identifies the key stages you need to keep in mind.
This approach was developed by Cisco’s security subdivision, but it’s a methodology that will work regardless of the specific technology choices you make. It’s divided into three areas: measures to implement before an attack, steps to take during an attack, and tasks to perform after an attack.
Pre-attack: Discover
Identify any existing threats or weaknesses in your systems and policies.
Pre-attack: Enforce
Use technology to ensure policies are followed.
Pre-attack: Harden
Patch systems and eliminate threats.
During attack: Detect
Use technology to identify attacks and potential causes.
During attack: Block
Block attack attempts as they occur.
During attack: Defend
Aim to circumvent and identify attackers.
After attack: Scope
Research to identify the full scope of the attack.
After attack: Contain
Ensure vulnerabilities and issues don’t spread elsewhere in the business.
After attack: Remediate
Perform needed remediation and fix activities.