Incid#*%$ Happen: Manage ThemBy Mike Rothman
We all fall into the trap of adopting industry lingo to describe various functions. But when you take a step back, and think about mental cues we need to perform our best, sometimes it makes sense to look at things a bit differently. We all call the function of dealing with an attack incident response now.
To be clear, respond is a better word than react because it at least implies logical thought about how to respond. But the next step is to manage incidents.
Integriography has a good post about this distinction, with an analogy that will warm Rich’s heart – comparing processes to Emergency Management. I knew I have heard that before somewhere…
Tornados, earthquakes, fires, automobile accidents, heart attacks, and many more emergencies happen daily. Rather than treating these as one off incidents that require all hands on deck, emergency services plan, recruit, train, and respond in a very calm, business like manner because it is their normal business.
Right. Dealing with attacks is our normal business. So it’s time we start managing to that. It is probably time to update our terminology to reflect this.
(h/t to grecs, who pointed me to this post.)
Photo credit: “Emergency” originally uploaded by michaelgoodin