Execute your Incident Response plan and assemble the Incident Response team

Identify extent of
the breach

Use backup data or servers if required to keep services operational. Do not turn off the affected systems as they may be required for Forensics

Assess impact of
the breach

Collect logs from all affected and involved systems

Review access logs to identify unauthorized process or user login and revoke the access

Execute your Incident Response plan and assemble the Incident Response team

Identify extent of
the breach

Use backup data or servers if required to keep services operational. Do not turn off the affected systems as they may be required for Forensics

Assess impact of
the breach

Collect logs from all affected and involved systems

Review access logs to identify unauthorized process or user login and revoke the access