When a threat in a computer or telecommunications systems is discovered, response resources must be directed to a physical location of the equipment associated with the threat. In practice, this requires extensive efforts to correlate existing threat information, router traffic information, and physical location of impacted/suspect devices to dramatically reduce response time. For example, most responses to a threat require manual review of information, such as TCP/IP switch logs, call data records, advanced intelligent network logs, and with subsequent manual drawing of network “maps.” In addition, responses to such a threat include trying to mitigate an intrusion in a sequential or business prioritization order while these efforts are being undertaken. As a result, current response schemes do not allow for an organization's response or management team to easily identify the geographical location of the threats and the locations at which resources are most needed. More specifically, current response schemes do not allow timely access to geographical views of the locations of the threats together with information relating to the status or progress of the response to the threats.