This refers to making sure an organization has taken the necessary measures and precautions to secure itself before any cybersecurity problems arise. This area focuses on proactive strategies rather than reactive strategies.
Detect
Incidents cannot be responded to unless they are detected. In fact, detection of security incidents may take weeks or months for many organizations to accomplish.
Respond
Responding to a computer security incident has a few steps. The first step is when the team receives a report of an incident from a constituent, such as a user, business partner or security operations center staff member.