When we turn our minds to matters of e-security, our first thoughts tend to be about defenses such as firewalls and intrusion detection. And rightly so. After all, there is much wisdom in the pursuit of prevention before cure. But, what happens when our defenses are breached? How should we respond to such an incident?