IT security requires consistent, developed approaches to identify and eliminate threats. This nine-step summary identifies the key stages you need to keep in mind.
This approach was developed by Cisco security subdivision Cisco, but it's a methodology that will work regardless of the specific technology choices you make. It's further divided into three areas: measures to implement before an attack, steps to take during an attack, and tasks to perform after an attack.
Identify any existing threats or weaknesses in your systems and policies.
Use technology to ensure policies are followed.
Patch systems and eliminate threats.
During attack: Detect
Use technology to identify attacks and potential causes.
During attack: Block
Block attack attempts as they occur.
During attack: Defend
Aim to circumvent and identify attackers.
After attack: Scope
Research to identify the full scope of the attack.
After attack: Contain
Ensure vulnerabilities and issues don't spread elsewhere in the business.
After attack: Remediate
Perform needed remediation and fix activities.