Cloud Email Compromise Incident Response Playbook
Details
This download contains a 6clicks Incident Response playbook for Cloud Email Compromise.
The purpose of a Cyber Security Playbook, or Security Playbook, is to provide all members of an organisation with a clear understanding of their roles and responsibilities regarding cybersecurity â before, during and after a security incident.
Adversaries may compromise email accounts that can be used during targeting. Adversaries can use compromised email accounts to further their operations, such as leveraging them to conduct Phishing for Information or Phishing. Utilizing an existing persona with a compromised email account may engender a level of trust in a potential victim if they have a relationship, or knowledge of, the compromised persona. Compromised email accounts can also be used in the acquisition of infrastructure (ex: Domains).
Remember: If you face an incident, follow IRM, take notes, and do not panic. Contact your CERT immediately if needed.
6 steps are defined to handle security Incidents:
- Preparation: get ready to handle the incident
- Identification: detect the incident
- Containment: limit the impact of the incident
- Remediation: remove the threat
- Recovery: recover to a normal stage
- Aftermath: draw up and improve the process
Getting Started
Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.More Information
| Jurisdiction | All |
|---|---|
| Type | Playbook |