MD2 Timing is everything: From simple activity to major data breach

Question 1

Escalating Incidents

Answer 1

It is important to escalate incidents to the right person in a timely manner. If an incident is not escalated properly, it can lead to a much larger issue.

Question 2

Incident Criticality

Answer 2

The criticality of an incident is important to note. Initially, an incident can be escalated with a medium level of criticality if the analyst doesn’t have enough information to determine the amount of damage done to the organization. Once an experienced incident handler reviews the incident, the incident may be increased or decreased to a high or low criticality level.

Question 3

Determining the Urgency of a Security Incident

Answer 3

The urgency of a security incident depends on the asset or assets that the incident affects. Assets that are critical to an organization’s business operations, such as a manufacturing plant or database that stores PII, need to be protected with a higher level of urgency.