Incident Response Response

Things happen all the time in the digital world. Often they go unnoticed for a long time and sometimes things go our way and we are aware of something going awry early on. When this happens we need to be prepared. We need to have a plan in place to deal with all that is involved in tracking a cyber criminal. Now I'm not a forensics guy for that you need to talk with Harlan Carvey
or The Security Monkey but I do know enough to realize that there are some best practices that you can employ to make the job of IR and forensics much easier. The nice people over at Network World have even put together a good article for you on how to be prepared for your next hack.
It covers many things that you need to do to ensure that you are covering the bases. Many of the things that they talk about can be easily forgotten in the heat of the moment but they are crucial in the investigation process.