Computer Security Incident Handling Guide

Cichonski, Paul; Millar, Thomas; Grance, Tim; Scarfone, Karen

doi:https://doi.org/10.6028/NIST.SP.800-61r2

NIST SP 800-61 Rev. 2

Computer Security Incident Handling Guide

Documentation Topics

Date Published: August 2012

Supersedes: SP 800-61 Rev. 1 (03/07/2008)

Planning Note (04/03/2024):

An initial public draft of Revision 3 is now available: Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile. Public comments are due by May 20, 2024.

Send inquiries about this publication to [email protected].

Author(s)

Paul Cichonski (NIST), Thomas Millar (DHS), Tim Grance (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Computer security incident response has become an important component of information technology (IT) programs. Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources. This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively. This publication provides guidelines for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident. The guidelines can be followed independently of particular hardware platforms, operating systems, protocols, or applications.

Keywords

computer security incident; incident handling; incident response; threats; vulnerabilities

Control Families

Incident Response; System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-61r2
Download URL

Supplemental Material:
Press Release

Document History:
08/06/12: SP 800-61 Rev. 2 (Final)

Topics

Security and Privacy

incident response, maintenance, risk assessment, threats, vulnerability management

Laws and Regulations

Federal Information Security Modernization Act