This may seem obvious but Incident “Response” is about efficiently and effectively responding to an incident. It should not be the time where you “test” or start to develop your incident response plan. The great thing is that you actually have the power to proactively address these challenges. It’s all about planning and understanding the value of a pre-defined incident response plan.
These questions are based on what we observe on an all too frequent basis, and if you feel uncomfortable answering them with confidence you will likely have major hurdles while responding to incidents.
Are your problems on this list?
- You immediately realize your organization’s incident response plan is non-existent and struggle to effectively respond to an incident.
- Your incident response plan is not documented at all.
- You realize your incident response team is not trained, or does not understand today’s threats or how to respond to them.
- When under attack, do you have to convince executive leadership to allow emergency budget to mitigate the attack?
- Are you comfortable enough to stand in front of your board of directors and confidently say you did EVERYTHING you could have done to PROACTIVELY mitigate the impact of an attack?
The funny thing about incident response is that you do not have to wait until an incident to determine how to handle one. However, most organizations do just that.
The best time to do this is NOW. Don’t think about it, do it, and do it before you experience your next incident. You’ll be glad you did.