• Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

Call us at: 877-275-4545

Partner? Login here
Breach Secure Now!Breach Secure Now!
  • Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

How to Create an Incident Response Plan

November 29, 2021 Posted by Art Gross Data Breach, Ransomware No Comments
Incident Response Plan

We often discuss the proactive approach that you should take when it comes to cybersecurity.  Security risk assessments will identify the gaps, ongoing training will help to strengthen the human risk factor, and tools like Catch Phish will keep the team engaged and learning along with those training programs.  But the fact is, you can’t eliminate all the risks that your clients face when it comes to experiencing a data breach.  That means that having an incident response plan (IR) should be on your list of “must-haves” when it comes to smart cybersecurity. 

What is an Incident Response Plan?

The name says it all. If there’s an incident, how are you going to respond?  How will your clients respond? Don’t assume that they have a plan in place. You are the IT expert and trusted advisor and the first person that they will turn to when a cyberattack occurs.  And, according to recent statistics, there is a good chance that they will be one of the victims that is hit every 11 seconds.  And yes, it is likely to happen to a business regardless of size or industry.  

How Do I Create an Incident Response Plan?

The first thing to remember about creating an IR plan is that it is not a one-and-done event.  This is a “living” document that will need to be reviewed regularly and updated as changes occur to the business environment, including when there are adjustments to hardware and personnel. Going over your clients’ IR plan with them at their quarterly reviews is highly recommended. This will give you an opportunity to discuss any changes, including those that you may not have been made aware of, and it also strengthens your relationship with them as their trusted IT advisor. 

Identify key players within the client organization.  This may include their contacts outside of the business such as a PR firm, insurance agent, or legal team that they already work with.  If they don’t have these individuals defined, have a list of people at the ready for when you need them.  And it is very likely that you will need them.  Scrambling to find help only worsens a crisis. 

For all critical roles, identify who the person is, list out all of their contact information, and then identify who the backup would be for that person.  The impact of a breach will be felt immediately by the person answering the phone.  Define for them what they should or should not say if a breach occurs.  Prepared scripts can be very helpful. 

Appearing unprepared to handle the crisis at hand can cause more damage to undo, so readying the team for any call or email which lands on their desk is going to serve the entire team well in the long run.

Preparation is Key

You can’t prepare for the exact scenario that you will face in the event of a cyberattack, but you can prepare for how you will react to the unknown.  Give your clients a copy of the plan, ask that every employee acknowledge it – even reviewing it together can be a team-building exercise with a lasting impact!  And have a one-page “do this immediately” list for each employee to keep at their desk should a breach occur. 

As you build the process for this “fire drill” for your clients, ensure that you have your own plan in place for your business.  Breach Secure Now Partners get access to a written Security Incident Response Policy, as well as templates for creating an Incident Response Team, and more! Contact us today for help with how to strategize with your clients for a smart and strong cybersecurity posture.

Tags: CybersecurityData BreachPhishingRansomware
No Comments
Share
0

You also might be interested in

Welcome to Breach Secure Now!

Oct 28, 2014

The Breach Secure Now! website will try to educate and[...]

Top 5 Security Actions Every CEO Should Take

Nov 21, 2014

An article over at Security Intelligence discusses the 5 actions[...]

Hey Small Business: You ARE a cyber-target!

Nov 22, 2014

The security firm, FireEye, has a very eye opening report[...]

Leave a Reply Cancel Reply

Dark Web Assessments

Search

Recent Posts

  • The Importance of Ongoing Cybersecurity Training March 17, 2023
  • Chatbots and Human Error March 10, 2023
  • What is CIRCA? March 3, 2023
  • The Importance of Ongoing Engagement & Marketing February 24, 2023
  • Mental Health Data for Sale February 17, 2023

Contact Us

  • Breach Secure Now!
  • 55 Madison Ave, Suite 400 Morristown, NJ 07960
  • 877-275-4545
  • info@breachsecurenow.com

Get Social

Schedule a Demo

Recent Blog Posts

  • The Importance of Ongoing Cybersecurity Training March 17, 2023
  • Chatbots and Human Error March 10, 2023
  • What is CIRCA? March 3, 2023

© 2023 · Breach Secure Now!

Prev Next