Additionally, the FBI and the Computer Security Institute, in their annual survey on computer crime and information security, gathered the following disturbing facts in 1998: 1) 64 percent of respondents reported a security breach in 1998 — up 16 percent from the previous year; 2) security breaches cost the respondents who could quantify losses a total of $136,822,000 — up 35 percent over the previous year; 3) 18 percent of respondents had no idea whether or not they had been hacked; 4) only 38 percent of respondents had a written intrusion policy, and only 22 percent had an evidence handling policy; 5) 74 percent of respondents reported attacks from inside their networks, and 70 percent reported attacks …show more content…
During this stage, an initial investigation is begun. Basic details of the incident are logged and recorded. The CSIRT is brought in and the information and reports are relayed to them. The CSIRT notifies management or the supervisors of what occurred and what their next step will be.
The next step is Formulating a Response Strategy. Based on the results of all the known facts of the investigation, the CSIRT will determine the best response to the incident and will receive approval from the management of the supervisors to pursue any type of legal or administrative action.
The next step is Reporting. It is exactly what it sounds like. During this stage, reports are put together that explain in great detail every piece of information that was gathered about the incident, how it occurred, and what the response was. These reports are given to the management or supervision