IODEF purposes
A uniform incident classification enables applications such as:
- uniform internal incident storage
- incident handling between teams made easier (only one team needs to classify and analyze the complete incident, the other team can re-use this data)
- uniform incident reporting by victims to CSIRTs
- uniform statistic generation and exchange, for both domestic use and exchange of data between teams. Over time a distributed incident statistics infrastructure can evolve
- trend-analysis for reoccurrence of incidents, victims, attackers, etc.
- trend-analysis for relations between scans and attacks and thus begin working on pro-active incident response