Information Protection Center: Stage 1 - Active: Detection Phase

Incidents: The IPC acts as a Point of Contact for security reporting and assistance. If someone detects some unusual or suspicious event related to the organization's networks, computers or information, they can relay the details of the incident to the IPC for investigation. The results of the investigation will be provided back to the originator and, in most cases, will be posted to the IPC's intranet web site. It is often difficult to determine if the unusual or suspicious event is symptomatic of an incident because apparent evidence of security incidents often indicates a problem with system configuration, untested application program, hardware failure, or frequently user errors. Typical indications of security incidents include any or all of the following:

Tags:

Read the complete paper at Symantec