Do you have an incident response plan in place?

Without a plan, you are flying blind. Here are 9 steps that you should follow.

Details matter when developing an incident response (IR) plan. But, even the most successful IR plans can lack critical information, impeding how quickly normal business operations are restored.

This guide from Cybereason takes a closer look at nine of the often forgotten, but important steps that you should incorporate into your IR plan.

Preparation across the entire company

Good security leaders should be able to get people from across the company to help develop the IR plan. While CISOs will most likely manage the team that handles the threat, dealing with the fallout from a breach requires the efforts of the entire company.

For instance, a bank handling the impact of a breach may need help from its public relations staff if the organization is legally required to publicly disclose the incident.

The bank’s Web development team may also need to be involved if the adversaries carried out their attack by exploiting a vulnerability in the company’s website, like a WordPress flaw. Additionally, the company’s human resources department may need to be contacted if employees’ personal information was disclosed. The bank’s incident response plan should include input from all of these departments.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!