Modeling of Post-Incident Root Cause Analysis
暂无分享,去创建一个
Because digital incidents are not always from an external source, the focus often is upon the internal network and the people who use it. Frauds, abuses and other insider threats are, by most accounts, more common than externally caused events. In any event, such root cause investigations usually center upon the internal network, the entry point (especially in large-scale virus and worm infections) and the damage done during the incident.