Response

Incident response is the disciplined sequence that follows a confirmed incident. The NIST lifecycle is Preparation → Detection & Analysis → Containment, Eradication & Recovery → Post-incident Activity, and the loop’s value is as much in preparation and lessons-learned as in the live firefight. Tabletop exercises rehearse the plan so roles, comms, and decisions are practiced before a real incident tests them.