From 511edb3036ba665bdc272a8693f5a4d5cd6a8397 Mon Sep 17 00:00:00 2001 From: Aram Hovsepyan Date: Tue, 9 Jul 2024 14:15:09 +0200 Subject: [PATCH] Update O-Incident-Management.yml minor improvement from you're to you are. I just need some change to test the new website generation actually. --- model/security_practices/O-Incident-Management.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/model/security_practices/O-Incident-Management.yml b/model/security_practices/O-Incident-Management.yml index d5c7d758a2e0..6d6a45eb81a9 100644 --- a/model/security_practices/O-Incident-Management.yml +++ b/model/security_practices/O-Incident-Management.yml 
@@ -20,11 +20,11 @@ shortDescription: This practice addresses activities carried out to improve the #A multi-paragraph description of the security practice longDescription: | - Once your organization has applications in operation, you're likely to face security incidents. In this model, we define a security incident as a breach, or the threat of an imminent breach, of at least one asset's security goals, whether due to malicious or negligent behavior. Examples of security incidents might include: a successful Denial of Service (DoS) attack against a cloud application, an application user accessing private data of another by abusing a security vulnerability, or an attacker modifying application source code. The Incident Management (IM) practice focuses on dealing with these in your organization. + Once your organization has applications in operation, you are likely to face security incidents. In this model, we define a security incident as a breach, or the threat of an imminent breach, of at least one asset's security goals, whether due to malicious or negligent behavior. Examples of security incidents might include: a successful Denial of Service (DoS) attack against a cloud application, an application user accessing private data of another by abusing a security vulnerability, or an attacker modifying application source code. The Incident Management (IM) practice focuses on dealing with these in your organization. Historically, many security incidents have been detected months, or even years, after the initial breach. During the "dwell time" before an incident is detected, significant damage can occur, increasing the difficulty of recovery. Our first activity stream, Incident Detection, focuses on decreasing that dwell time. - Once you have identified that you're suffering from a security incident, it's essential to respond in a disciplined, thorough manner to limit the damage, and return to normal operations as efficiently as possible. 
This is the focus of our second stream. + Once you have identified that you are suffering from a security incident, it's essential to respond in a disciplined, thorough manner to limit the damage, and return to normal operations as efficiently as possible. This is the focus of our second stream. #The relative order of this practice in the business function order: 1
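Review bot: The second changed line of longDescription (the paragraph beginning "Once you have identified that you are suffering") still contains the contraction "it's essential", so expanding "you're" leaves that sentence with mixed style. Either expand it to "it is essential" in the same change or keep the contractions throughout. The commit message says the edit is mainly there to test the new website generation, so a subject line that names the wording change, instead of "Update O-Incident-Management.yml", would make the history easier to scan.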