In todays age, it’s not a matter of if but when your organization will suffer a data breach. In all likelihood, you won’t know where an attack on your information is coming from nor will you know when it’s going to happen. But it’s only a matter of time before a breach will hit your organization. Every connected system on the Internet is getting probed and prodded on a daily basis. As bad actors leverage more attack vectors, employ more advanced tactics, and technologies, we’re now living in a time of “continuous compromise.”
I’m sure Ben wasn’t referring to cyber attacks when he penned that famous quote but it still applies today. Formulating a simple, effective Incident Response Plan can be the difference between successfully responding to a breach and going out of business or at the very least suffering reputational damage and significant fines and monetary losses.
Readiness Assessment – During the Readiness Analysis, we will conduct interviews with key stakeholders responsible for the administrative, operational or technological aspects of your cyber security program. Our primary focus will be on reviewing the existing procedures as they apply to cyber incident response and their implementation across the organization.
Establish Executive Ownership – We’ll work with you to identify an executive sponsor for the plan. This will ideally be a person who will ultimately take on responsibility for the plan and for integrating incident-response efforts across business units.
Gather All Relevant Information – Working with key stakeholders, we will take a look at the types of incident activity currently being reported. We will also meet with key stakeholders to discuss not only their incident response needs,
but to achieve an initial consensus on the expectations, strategic direction, definitions, and responsibilities of the IRP. The stakeholders could include but are not limited to:
Develop Escalation Paths – We will establish processes for making major decisions and escalation paths for each of the scenarios. During this phase we’ll also identify key external stakeholders, such as law enforcement and governing bodies.
Create Incident Response Plan – Once all the previous steps have been complete we’ll create a single comprehensive Incident Response Plan that your organization.
