ABSTRACT

Businesses depend heavily on the availability of data networks to conduct commerce. A virus incident that takes down hundreds of workstations or servers for a day could cost a company millions of dollars in unproductive staff time, as well as the cost of IT and security staff working around the clock to get these systems back up. With the advent of sophisticated self-propagating threats, a computer security incident response team (CSIRT) has minutes, not hours, to respond to curb the impact of a virus or worm.