The Incident Response Plan – Preparing for a Rainy Day

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening.

Just as it wasn’t raining when Noah built the ark, companies must face the fact that they need to prepare – and educate the organization on – a well-thought-out response plan if a successful cyberattack does occur. Obviously, the worst time to plan your response to a cyberattack is when it happens.

With so many companies falling victim to cyberattacks, an entire cottage industry of Incident Response (IR) services has arisen. Thousands of IR engagements have helped surface best practices and preparedness guides to help those that have yet to fall victim to a cyberattack.

Recently, cybersecurity company Cynet provided an Incident Response plan Word template to help companies plan for this unfortunate occurrence.

Planning for the Worst

The old adage “hope for the best, plan for the worst” is not entirely accurate here. Most companies are actively working to protect themselves from cyberattacks and certainly not merely hoping for the best. Even so, planning for what to do post-breach is a very worthwhile endeavor so the company can immediately spring into action instead of waiting for the plan to come together. When a breach occurs, and attackers have access to the network, every second counts.

An IR Plan primarily documents clear roles and responsibilities for the response team and defines the high-level process the team will follow when responding to a cyber incident. The IR Plan Template created by Cynet recommends following the structured 6-step IR process defined by the SANS Institute in their Incident Handler’s Handbook, which Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *