Tehnika (Jan 2020)

Incident response as a key factor of defense

  • Đekić Milica D.

DOI
https://doi.org/10.5937/tehnika2006809D
Journal volume & issue
Vol. 75, no. 6
pp. 809 – 813

Abstract

According to ancient Chinese learning, our world is governed by two opposite forces, Yin and Yang. Those forces are the force of offense and the force of defense, and by the same doctrine our world can be in harmony only if the two are in balance. Modern security experts likewise see security as a balance between attack and defense, and many defense professionals worldwide approach their everyday tasks with that assumption. The situation is similar in cyber defense: cybersecurity researchers and practitioners see it as a balance between cyber attack and the defense against it. This doctrine is also guided by the theory that cyber defense has passive and active principles. For instance, the passive principles are cyber prevention and monitoring, while the active principle is incident response. Ongoing experience suggests that the majority of marketplace actors invest a lot in the passive factors of cyber defense, while incident response is used less due to some objective and realistic parameters. The main concern with incident response is that it requires a lot of skill and expertise to apply. There is an entire current of thought in cybersecurity suggesting that all three indicators of the passive and active principles of cyber defense should be equally distributed. In addition, in line with this concept, many cyber experts see incident response as a key pillar of cyber defense. In this effort, we intend to provide a deep insight into such learning, as well as some comments and discussion drawn from our own research experience.

Keywords