Incident handling is an action plan developed (by an organization or individual) to counteract intrusions, cyber-theft, denial of service, fire, flood, and any other security-related events. It comprises six process steps: preparation, identification of attack, containment of attack, eradication, recovery, and analysis (lessons learned documentation).