RS.MI-02: Incidents are eradicated

Previous Version:

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

3rd: 3rd Party Risk

Ex1: Cybersecurity technologies and cybersecurity features of other technologies (e.g., operating systems, network infrastructure devices) automatically perform eradication actions

Ex2: Allow incident responders to manually select and perform eradication actions

Ex3: Allow a third party (e.g., managed security service provider) to perform eradication actions on behalf of the organization