[unisog] Incident Response Procedures
bobmah at MIT.EDU
Thu Jul 22 15:22:22 GMT 2004
A colleague and I presented a paper at the June FIRST conference,
"Incident Response and Large Event Handling in the Research
University." While it does not describe the current structure of
security response at MIT, some of the topics raised might be of
interest, as you discuss your own approaches. You can get a copy at:
We began the paper back when I was still leading MIT's team. (Please
note that I no longer speak for the Institute in security matters.)
I'd also suggest getting a copy of two great books:
"The CERT Guide to System and Network Security Practices" (Addison
Wesley) by Julia Allen (who modestly did not mention it directly
"Incident Response Planning and Management" (O'Reilly) by Kenneth van
Wyk & Richard Forno
Both *well* worth the time...
At 4:21 PM -0400 7/21/04, Jason Brooks wrote:
>We are working on formulating an Incident Response Policy and Procedure.
>We've scoured the net and found little that aids us in the Higher Ed sector;
>most are geared for business. So, not wanting to unnecessarily reinvent the
>wheel, we are soliciting input.
>Does anyone have any IRP/Procedures that they would be willing to share?
>Information Security Technician
>201 High Street
>Farmville, VA 23909
>mailto:brooksje at longwood.edu
>unisog mailing list
>unisog at lists.sans.org