This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-61-1, Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology. Written by Karen Scarfone and Tim Grance of NIST and by Kelly Masone of Booz Allen Hamilton, SP 800-61-1 provides practical guidance to help organizations establish an effective incident response program, analyze and respond to information security incidents, and reduce the risks of future incidents. The bulletin covers the procedures and solutions for detecting, analyzing, prioritizing, and handling incidents, and presents NIST's recommendations concerning the establishment of incident response capabilities, the procedures for incident handling and reporting, the relationships between the incident response team and other groups, and the continual monitoring of incident response activities.
Handling Computer Security Incidents: NIST Issues Updated Guidelines, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=152110
(Accessed June 10, 2023)