IR-04(04) Information Correlation

Correlate incident information and individual incident responses to achieve an organization-wide perspective on incident awareness and response.

Baselines

Guidance

Sometimes, a threat event, such as a hostile cyber-attack, can only be observed by bringing together information from different sources, including various reports and reporting procedures established by organizations.