Event and Alert in Cybersecurity - to determine as an incident in the IACS Cybersecurity one could not just look at it from IT's point of view alone.
Event and Alert need to be align with criticality of IACS asset in term of it's impact and etc. And when it is really an incident, knowing who to do what for making containment, eradication and mitigation is not by natural cognition,
It would need a well laid out plan, resource management review and practices
Koennen could help you in
- Developing a suitable plan that suite your control environment and
- Establish a workable steps in order to interact with an incident even by the novice personal