CLOUD-CENTRIC INCIDENT RESPONSE

Incident Response (IR) is a critical facet of any cloud security program. Preventive security controls have proven unable to completely eliminate the possibility that critical data could be compromised. Most organizations have some sort of IR plan to govern how they will investigate an attack, but as the cloud presents distinct differences in both access to forensic data and governance, organizations must consider how their IR processes will change.

The cloud-centric Incident Response Lifecycle is defined as follows:

  • Preparation
  • Detection and Analysis
  • Containment, Eradication, Recovery
  • Post-Mortem