From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Determining incident severity

Determining incident severity

From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response

Start my 1-month free trial

Determining incident severity

- [Instructor] Large organizations experience dozens of security incidents every month, week, or even on a daily basis. In order to triage these incidents, we must assign security levels that indicate the degree of threat to the organization and help us prioritize our response. Every organization will need to develop its own severity rating system based upon the unique business needs of the organization and the types of information that it handles. Even though specific ratings may vary, all of these systems should be based upon the nature and scope of the incident's possible impact. Do you remember the CIA triad that forms the basic core of the cybersecurity profession? This triad can also be used to help assess the scope of the security impact of an incident. First, consider the potential impact of the incident from a confidentiality perspective. How likely is it that the incident will allow unauthorized individuals to…

Contents