Execute your Incident Response plan and assemble the Incident Response team
Identify extent of
the breach
Use backup data or servers if required to keep services operational. Do not turn off the affected systems as they may be required for Forensics
Assess impact of
the breach
Collect logs from all affected and involved systems
Review access logs to identify unauthorized process or user login and revoke the access
Execute your Incident Response plan and assemble the Incident Response team
Identify extent of
the breach
Use backup data or servers if required to keep services operational. Do not turn off the affected systems as they may be required for Forensics
Assess impact of
the breach
Collect logs from all affected and involved systems
Review access logs to identify unauthorized process or user login and revoke the access