It is not a big secret (nor a surprise) that I am a big fan of the guys over at Securosis. Not only do I appreciate a lot of the research that they do, I also like their business model very much. They give back to the community much of what they get from it, and that is commendable.
Recently, they have been publishing a series of articles that are very much in my area of interest. The articles have a common theme: incident response. The articles describe in sufficient detail what controls to should be in place to facilitate effective response; examples range from information collection, to escalation processes, and much more.
The ability to respond to incidents, rather than to merely react to them, is something that many organizations lack, but that has the ability to drastically reduce downtime following an incident, and in some cases will prevent intellectual property from being lost and/or damaged.
The articles that they have published to date are:
As time goes on, I hope that Securosis continues its great work and continues to publish relentlessly.