SIEM for ITIL Incident Response - Part 2 - AlienVault
SIEM for ITIL Incident Response - Part 2 - AlienVault
SIEM for ITIL Incident Response - Part 2 - AlienVault
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
195 – OPTIMIZINGFinally we arrive at the point where <strong>Incident</strong> response becomes Exposure <strong>Response</strong>, lockingin a feedback loop of continuous improvement with the rest of the Security Program.For the sake of brevity, the prior sets do not require repeating. At this stage we come to theculmination of <strong>Incident</strong> <strong>Response</strong>:The continual measurement of the outcome of risk decisions taken, resources applied, and themovements of the global theater of risk.<strong>Part</strong>icularly though, at this level of evolution, the service catalog should be so tailored to theenterprise it serves, that providing a list of suggestions would defeat the purpose of doing so.