McAfee has published a white paper by Jim Olmstead, Senior Consultant, Incident Response and Forensic Practice, Foundstone® Services, entitled "Ten Ways to Prepare for Incident Response".
In the author's words:
“As a senior consultant on the Foundstone Services incident response and forensic team, I regularly respond to a wide range of security incidents at client sites. I have assisted clients with the containment and eradication of malicious code (for example: ransomware and malware infections) and responding to unauthorized access/network breaches impacting their enterprise environment. During all of the responses, there was the need to identify the nature of the incident, assess the client’s security infrastructure, and work towards the identification of the threat or attack vector(s). The information gathered from the initial assessment and related analysis was then used to isolate and contain the malicious activity impacting devices within the environment.
Each response is different and presents its own challenges, which are addressed. However, there are common general security methodologies and best practices that help make the engagement a success during the containment, eradication, and recovery of the environments. To mitigate the chaos generated from an incident, we adopt and implement different security standards, such as National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), and others.
This paper focuses on various steps and processes that you can take to help prevent and/or reduce the malicious impact of commodity malware and viruses on your enterprise, as well as reduce the impact that hackers may have on your environment.”
You can read the paper here.