A decision Tree to Inform as to how IS responds to High CI alerts on stealthwatch
|
|
|
|
|
|
|
|
|
|
|
| |
|
Sever teams
CIMS UNIX and DBA
| NO
|
Is this a re-occurring high CI issue
| NO
|
User machine and mitigate
|
|
|
|
NO
|
|
|
YES
|
|
|
Stealthwatch high CI report
|
|
Is this a users machine
|
| |
|
ITS Security
for assessment
and documentation
|
|
Team leaders and Business dept heads to address
|
|
|
|
YES
|
|
|
YES
|
|
|
|
| |
|
IT Client Support
|
|
Is this a re-occurring high CI issue
| NO
|
Patch machine or other measures and mitigate
|
|
|
|
|
|
|
|
|
|
|
| |
| |
| |
| |
|
|
|
|
|
|
|
|
|
|
| |
| |
| |
| |
|
|
|
|
|
|
|
|
|
|
| |
| |
| |
| |
|
|
|
|
|
|
|
|
|
|
| |
| |
| |
| |
|
|
|
|
|
|
|
|
|