http://cyfun.data.gift/data/requirement_RS_AN_03_1

http://cyfun.data.gift/data/requirement_RS_AN_03_1
Concept

Properties and relations

Direct links from the subject.

Property Value

type

The subject is an instance of a class.

http://cyfun.data.gift/ontology#Requirement

type

The subject is an instance of a class.

Concept

An idea or notion; a unit of thought.

label

A human-readable name for the subject.

RS.AN-03.1: Each incident shall be analysed to determine what occurred and to identify its root cause.

http://cyfun.data.gift/ontology#requirementId

RS.AN-03.1

http://cyfun.data.gift/ontology#foundIn

http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p167

has broader

Relates a concept to a concept that is more general in meaning.

http://cyfun.data.gift/data/subcategory_RS.AN-03

note

A general note, for any purpose.

<div><p>The goal of this control is to understand the full scope of a cybersecurity incident and identify its root cause, enabling effective response and prevention of similar future events. To achieve this goal, the organisation should consider the following:</p><ul><li>The sequence of events during the incident should be reconstructed, identifying which systems, assets, and resources were involved.</li><li>Vulnerabilities, threats, and threat actors linked to the incident should be identified, whether directly or indirectly involved.</li><li>Forensic analysis should be used when necessary to examine collected data and determine the root cause.</li><li>The analysis should focus on identifying underlying, systemic causes, not just immediate triggers.</li><li>Cyber deception technologies should be reviewed for additional insights into attacker behaviour.</li></ul></div>

note

A general note, for any purpose.

The goal of this control is to understand the full scope of a cybersecurity incident and identify its root cause, enabling effective response and prevention of similar future events. To achieve this goal, the organisation should consider the following: • The sequence of events during the incident should be reconstructed, identifying which systems, assets, and resources were involved. • Vulnerabilities, threats, and threat actors linked to the incident should be identified, whether directly or indirectly involved. • Forensic analysis should be used when necessary to examine collected data and determine the root cause. • The analysis should focus on identifying underlying, systemic causes, not just immediate triggers. • Cyber deception technologies should be reviewed for additional insights into attacker behaviour.

note

A general note, for any purpose.

The goal of this control is to understand the full scope of a cybersecurity incident and identify its root cause, enabling effective response and prevention of similar future events. To achieve this goal, the organisation should consider the following: - The sequence of events during the incident should be reconstructed, identifying which systems, assets, and resources were involved. - Vulnerabilities, threats, and threat actors linked to the incident should be identified, whether directly or indirectly involved. - Forensic analysis should be used when necessary to examine collected data and determine the root cause. - The analysis should focus on identifying underlying, systemic causes, not just immediate triggers. - Cyber deception technologies should be reviewed for additional insights into attacker behaviour.

note

A general note, for any purpose.

The goal of this control is to understand the full scope of a cybersecurity incident and identify its root cause, enabling effective response and prevention of similar future events. To achieve this goal, the organisation should consider the following: - The sequence of events during the incident should be reconstructed, identifying which systems, assets, and resources were involved. - Vulnerabilities, threats, and threat actors linked to the incident should be identified, whether directly or indirectly involved. - Forensic analysis should be used when necessary to examine collected data and determine the root cause. - The analysis should focus on identifying underlying, systemic causes, not just immediate triggers. - Cyber deception technologies should be reviewed for additional insights into attacker behaviour.

notation

A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme.

RS.AN-03.1

alternative label

skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties.

Incident root cause analysis

preferred label

A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag.

Each incident shall be analysed to determine what occurred and to identify its root cause.

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025_ESSENTIAL

http://cyfun.data.gift/ontology#level

http://cyfun.data.gift/data/level_ESSENTIAL

triple count

The number of triples associated with the subject.

17

in dataset

Specifies the dataset the subject is part of.

http://data.gift/d/datasets/69E8863AA6CE46D9ACD13109

Resultaten 1 - 19 of 19

References

Inverse links to the subject.

Property Subject

http://cyfun.data.gift/ontology#hasRequirement

http://cyfun.data.gift/data/subcategory_RS.AN-03

has narrower

Relates a concept to a concept that is more specific in meaning.

http://cyfun.data.gift/data/subcategory_RS.AN-03

Resultaten 1 - 1 of 1