Rob Lee says not enough organizations are prepared to respond to today’s security incidents. Organizations often do not detect intrusions until after they’ve been compromised, Lee says. Lee offers three recommendations for organizations looking to improve their incident response programs. Organizations need an incident responder to be able to react to not just one machine, but potentially thousands of machines simultaneously. Lee has more than 15 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response.”]
Source: https://www.cuinfosecurity.com/3-incident-response-essentials-a-4737