The Incident Response Hierarchy of Needs
The Incident Response Hierarchy is modeled after Maslow's Hierarchy of Needs. It describes the capabilities that organizations must build to defend their business assets. Bottom capabilities are prerequisites for successful execution of the capabilities above them:
How can I use it?
You are welcome to use, modify, and share my description of the incident response hierarchy. It is shared with the community under a Creative Commons Attribution 4.0 International license.
I have feedback!
Leaders may describe this concept in different ways depending on their experiences and the needs of their business. This version is based on my experience building incident response capabilities in Office 365, with feedback from the infosec community on Twitter.