The National Institute of Standards and Technology published for public comment a guide on managing responses to computer security incidents such as hacking attacks.
The Computer Security Incident Handling Guide brings together best practices from industry, government agencies and academia on helping organization manage their computer systems when attacked.
Government agencies are required by the Federal Information Security Management Act (FISMA) to establish incident response capabilities and designate points of contact with the U.S. Computer Emergency Readiness Team (US-CERT) office within the Department of Homeland Security.
The guide is designed to help both established and newly formed incident response teams to create a policy and plan that will aid in preparation. The plan should have a mission, strategies and goals, an organizational approach to incident response, metrics for measuring the response capability and a built-in process for updates as needed.