H.Carvey has an excellent Blog which is titled "Windows Incident Response" and as such is packed full of interesting content detailing the trials and tribulations associated with effective incident response. There's a nice summary post here which looks at trends and discusses how to combat the risks.