17.9: Establish and Maintain Security Incident Thresholds
CSF v1.1 References:
Group:
Previous Version:
- Critical Security Controls Version 7.1:
- 19.8: Create Incident Scoring and Prioritization Schema
Control Statement
Establish and maintain security incident thresholds, including, at a minimum, differentiating between an incident and an event. Examples can include: abnormal activity, security vulnerability, security weakness, data breach, privacy incident, etc. Review annually, or when significant enterprise changes occur that could impact this Safeguard.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]