Incident handling involves preparing for, identifying, containing, eradicating, recovering from, and following up on security incidents. An incident is any event that threatens the security of systems and networks, such as system crashes, unauthorized access, or malware. Incident handling procedures include isolating affected systems, notifying authorities, identifying threats, containing damage, collecting evidence, and analyzing the cause of incidents. Computer security incident response teams coordinate incident response and work to secure networks from foreign attacks.