Geographical Mapping of Incidents
Respond (CFTR) seamlessly integrates with Google Maps to display incident locations. Utilizing geospatial data, the map view offers insights into incident distribution and patterns. This helps security analysts associate incidents with geographic locations for effective response planning.
Key Advantages
Some of the key advantages of the geographical mapping of incidents include:
Enhanced situational awareness: Geographical mapping visually represents the locations of security incidents, enabling teams to quickly identify similar occurrences in other locations and understand the severity of the incident.
Accurate risk assessment: By identifying the exact locations of security incidents, organizations can assess the risk levels for specific regions and assets, enabling targeted risk mitigation strategies.
Effective resource allocation: Geospatial data empowers organizations to allocate resources, both human and technological, to locations with higher incident counts. This ensures prioritized response to locations where it is most needed.
Collaboration and communication: Visual representations simplify complex data for non-technical stakeholders, aiding in effective communication and collaboration across diverse teams.
Some of the use cases of the geographical mapping of incidents are:
Predict incident patterns: Mapping incidents geographically provides insights into impacted locations and the likelihood of similar occurrences elsewhere. For example, if phishing attacks surge in London and a similar pattern emerges in Manchester, analysts can swiftly address the potential spread.
Strategically plan incident response: In a globally distributed organization, incidents occur in various locations. Geographically mapping these incidents helps identify locations with a significant number of high-impact incidents, allowing for strategic planning and effective response.
Minimize incident outbreaks: Track incident counts in specific locations, identify incidents involving critical assets or devices, and promptly take action to mitigate potential damage. For example, if Texas reports 100 incidents per hour and California reports 20 but with numerous impacted assets, analysts prioritize California for a swift response to reduce the outbreak.
View Impacted Locations of Incidents
To view the impacted locations of incidents, follow these steps:
Go to Menu > Incidents.
On the top right expand the View By drop down.
Select Map. The geographical map displays incidents along with their locations.
How to use map view for incidents?
To view incident location details on the map, follow these steps:
After incidents are opened in the map view, the map globally displays the incident count and locations. Click on the number to access detailed incident locations within that region. For example, clicking on 50 incidents in the US reveals specific locations, like 20 in Chicago, 5 in Boston, and so on.
Note
For locations with only one incident, the map displays an incident icon instead of a numerical count.
To drill down the exact location of the incident, click the incident number.
After the exact incident location is displayed, click the incident icon to know the number of incidents in that location, their titles, and incident IDs. To view the details of an incident, click the incident ID or title, and you are directed to the summary page of that incident.
To view the list of the incidents in that location, click View All.