Today’s threat landscape also requires a detailed incident response strategy to detect, respond to, and contain a breach, along with staff expertise to implement that strategy. Once it’s determined that an attacker has infiltrated your network, you must move quickly to minimize damage to your organization’s infrastructure, brand and customer base.

This paper draws on the worldwide incident response (IR) experience of Mandiant, a FireEye company, to explore the three phases of preparing for a cyber attack:

• Developing an effective IR plan
• Adopting the proper capabilities to execute that IR plan
• Practicing the IR plan