Part IV: Human Side of Incident Response


So far, the point of this chapter has been how and why to add the human side to incident response investigation techniques. This section shifts gears slightly and focuses on the incident responders themselves. First, what is an incident responder? Who is likely to end up in this type of job? What kind of hours do these responders keep? Understanding the personalities and the dynamics of an incident response team is also critical to its success. Incident response teams are similar in dynamics to firefighters and SWAT teams. They consist of bright, highly energized people who like to think, solve problems, be challenged, and respond in a time of crisis. Incident responders themselves live for the incident and the uncertainty. Every incident is different, exciting, and new. The one thing that incident responders do not realize or ever focus on is the physiological and psychological strain being placed on them and the people around them. Fatigue, stress, dehydration, sleep deprivation, and lack of food are common byproducts of responders working a long, involved incident.

When the incident response hotline rings, the responders kick into motion. This is the fun part of the job: incident investigation. People become incident responders because they respond well to pressurized situations and like the adrenaline boost that surges during times of crisis. Not only do responders like the initial excitement of a case, they hang on much longer than they should without appropriate rest, food, and water. When an incident carries on for more than 48 hours, incident responders start to suffer from sleep deprivation. During the course of that first 48 hours, these team members are not likely to stop for a healthy meal or to drink nearly enough water to maintain proper hydration. The stresses and challenges of the case are probably catching up with everyone. Between fatigue and a lack of food, sleep, and water, combined with the normal frustrations of the investigation itself, the incident response team is wiped out by now. Well before getting to this stage at 48 hours, the team was possibly starting to operate more slowly, to think less clearly, and perhaps even to make a few minor mistakes. Decision-making skills and the ability to make good judgments are adversely affected by lack of sleep, food, and water. It is sometimes difficult for the team members to realize they are experiencing symptoms of exhaustion. Communication begins to break down among team members when everyone is tired, hungry, and probably a bit cranky.

In addition to the responder's issues of fatigue, it is a good idea to recognize that although 48 hours might go by in a flash for the responder, his or her friends, family members, and other colleagues might need to be in touch. During long-standing incidents, incident responders have been known to remain at the office for hours and hours or even days at a stretch. Firefighters and police officers know that their family lives and personal lives can suffer dramatically due to their intense work schedule.

To prevent some of these problems from occurring, incident response teams should do the following:

  1. Create policies that encourage shift work during long hours.

  2. Have on-site provisions for a few days (juices, bottled water, food).

  3. Have fly-away kits prepared with a mini version of certain provisions so that when the team is on the road, the bag already contains sustenance.

  4. Have a quiet room somewhere, or maybe part of the lab, with a cot, couch, or resting place for the team.

  5. Make sure there is scheduled time for all the responders to call home or friends to maintain contact.

The maintenance of a physically and mentally healthy incident response team is too important not to consider. The successful closure of a case might depend on it.



Incident Response. A Strategic Guide to Handling System and Network Security Breaches
ISBN: 1578702569
EAN: 2147483647
Year: 2002
Pages: 103
