Incident Response Plan

Having some type of Incident Response Plan in place is an important step in making your company more resiliant. It does not need to be complex or expensive.

On the very simple end of the scale, your Incident Response Plan can be a list of names and phone numbers for people who need to be contacted in the event of a cybersecurity incident or data breach.

On the high end, your plan might include technical procedures to shut down critical systems, multiple administrative steps, and instructions for contacting senior management, law enforcement and outside services and consultants.

According to security experts, a simple Incident Response Plan should contain the following sections:

1. Preparation
2. Detection and analysis
3. Containment, eradication, and recovery
4. Post-incicdent

Need some motivation?

1. Imagine sitting down at your desk tomorrow morning and being greeted by a Ransomware demand on your desktop computer. Who do you tell? Should you pay the attackers their demanded ransom? Where are your backups located?
2. Customers are calling to tell you that their sensitive information seems to be showing up on the dark web. And they are wondering if your database has been hacked and their information stolen. What's your first step?