An Operational Framework for Incident Handling.

The information security management is a widely discussed topic in recent years, due to the increasing number of attacks and the growth of the damage they can cause to the daily life of a society. In this context, new emerging paradigms, such as IoT, the CPS and Critical Infrastructure, converge towards common technologies, resulting in a dangerous interconnection and interdependence of worlds formerly separated, or even isolated. For this purpose, numerous cybersecurity frameworks have been defined, identifying organizational methodologies, mainly process-oriented, for managing a security infrastructure. This article is rather oriented to define a framework with a special attention to the management of the IT incidents, describing some minimal arrangements that need to be adopted in order to respond effectively and efficiently to a cyberattack, to mitigate the damages suffered and to limit the analysis and the recovery time.