A security incident is the act of violating an explicit or implied security policy at a single site or across multiple organizations. An external security incident is one caused by an individual or group that is not part of the organizations that are violated. This paper discusses some of the effort required to deal with external security incidents on an organization's hosts (computers) and network. We look at both responsive actions to incidents and proactive actions to mitigate the risk of such incidents. Because of inherent weaknesses in many of the current network protocols and vulnerabilities in widely used software, external security incidents are inevitable for any organization with a connection to a wide-area public network, even a narrow and limited connection.
Download the paper in PDF format here.