Incident Response Capabilities
The Incident Response Hierarchy is modeled after Maslow's Hierarchy of Needs. It describes the capabilities that organizations must build to defend their business assets. Bottom capabilities are prerequisites for successful execution of the capabilities above them: The capabilities may also be organized into plateaus or phases that organizations may experience as they develop these capabilities: This diagram is available as images ( explanations, plateaus) or as a PowerPoint deck.
Evaluating your maturity
SIM3 Model & References
CSIRT Maturity is an indication of how well a team governs, documents, performs and measures their function. The maturity of a CSIRT is measured with the Security Incident Management Maturity Model, also called SIM3.
Cyber Security Incident Response Maturity Assessment
Cyber Security Incident Response Maturity Assessment CREST has developed a maturity model to enable assessment of the status of an organisation's cyber security incident response capability. The model has been supplemented by a spreadsheet-based maturity assessment tool which helps to measure the maturity of a cyber security incident response capability on a scale of 1 (least effective) to 5 (most effective).