Incident Response: The Gaps
b"To respond to a security incident, an organization must first be aware of it. But too many intrusions go undetected, says Rob Lee of SANS Institute. That's the first problem that needs to be addressed."