An Improved Incident Handling Model

Abstract:

With the increase in cyber-attacks, organisations require a proper incident response mechanism that will help them in handling and mitigating the effects of security breaches. The most common incident handling models have been provided by organisations such as CERT/CC, NIST, SANS Institute, ENISA and ISO. Nevertheless, several limitations have been identified in these models. This paper examines the weaknesses of the existing models and proposes an Improved Incident Handling model which introduces new components that can help organisations in handling today’s security incidents.