Abstract:
With the increase in cyber-attacks, organisations require a proper incident response mechanism to help them handle security breaches and mitigate their effects. The most common incident handling models have been provided by organisations such as CERT/CC, NIST, SANS Institute, ENISA and ISO. Nevertheless, several limitations have been identified in these models. This paper examines the weaknesses of the existing models and proposes an Improved Incident Handling model, which introduces new components that can help organisations handle today’s security incidents.