Dear All, We would like to set up a list of rules for incident response. Therefore I would to welcome any suggestions, links or articles what an organisation should do after a minor, medium or major incident has happened in a company (not only cyber-crime)? When to contact the law enforcement agencies and also what consequences should they bare in mind when doing that. Above all, we need to convince top management to be proactive in this game. Even incident response perhaps is partially a top management activity?
Thanks, TS.
