Cyberattacks are now a permanent and persistent threat to organizations across all industries and regions. It is no longer a matter of if a cyberattack will happen, but when. How seriously an attack impacts an organization can often depend on if they are prepared and how effectively their response is.
The key to an effective incident response that mitigates damage is a comprehensive plan. That plan's formal name is an Incident Response (IR) Plan. An IR plan is usually created as a cooperative effort between your organization’s leadership and its IT team to guide all staff through the steps needed to respond during a cyberattack.
In general, when developing your organization’s IR Plan, ensure it includes the following topics:
Define activity and incidents that your organization considers reportable and that may require a response.
Instructions for how and to who users should report suspicious activity and suspected incidents.
Define roles and responsibilities for staff during incident response.
Provide step-by-step instructions for investigation and remediation of the incident.
Provide explicit instructions on who can and who cannot speak to the media or other authorities concerning the incident.
Contact the DIG to learn more about preventative cybersecurity. Thank you!