The IT Law Wiki
Advertisement

Definition[]

Threat response involves

conducting appropriate law enforcement and national security investigative activity at the affected entity's site; collecting evidence and gathering intelligence; providing attribution; linking related incidents; identifying additional affected entities; identifying threat pursuit and disruption opportunities; developing and executing courses of action to mitigate the immediate threat; and facilitating information sharing and operational coordination with asset response.[1]

Overview[]

"DOJ, through the Federal Bureau of Investigation (FBI) and National Cyber Investigative Joint Task Force (NCIJTF), is the designated lead on threat response. Asset response and intelligence support responsibilities are led by other federal agencies."[2]

References[]

Advertisement