MD2 When and how to escalate a security incident Flashcards
Escalating Incidents
Each organization has its own escalation policy, which outlines who should be notified when an incident alert occurs and how that incident should be handled.
It is important to understand your organization’s escalation policy so that you can escalate incidents to the right person with the right urgency.
Every organization handles incident escalation differently, but analysts need to ensure that incidents are handled correctly.
Following an Escalation Policy
Following an organization’s escalation policy is essential because the actions you take help protect the organization and the people it serves from malicious actors.
The escalation policy for an organization can be an extensive document, so it is up to you to pay attention to the small details within the escalation policy of your organization.
Attention to detail can make the difference between escalating an incident to the right or wrong person. It can also help you prioritize which incidents need to be escalated with more or less urgency.