1) The nature of cyber attacks has changed and now pose a serious threat as attackers are financially motivated and have access to powerful hacking tools, while law enforcement lacks resources to properly respond. 2) Traditional incident response methods are ineffective as they are reactive and lack coordination between technical and business teams, often making mistakes. 3) The document argues that organizations need to implement an agile incident response program including a computer security incident response team (CSIRT) that takes a proactive and coordinated approach to security incident prevention and management.