• Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

Call us at: 877-275-4545

Partner? Login here
Breach Secure Now!Breach Secure Now!
  • Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

How to Create an Incident Response Plan

November 29, 2021 Posted by Art Gross Data Breach, Ransomware No Comments
Incident Response Plan

We often discuss the proactive approach that you should take when it comes to cybersecurity.  Security risk assessments will identify the gaps, ongoing training will help to strengthen the human risk factor, and tools like Catch Phish will keep the team engaged and learning along with those training programs.  But the fact is, you can’t eliminate all the risks that your clients face when it comes to experiencing a data breach.  That means that having an incident response plan (IR) should be on your list of “must-haves” when it comes to smart cybersecurity. 

What is an Incident Response Plan?

The name says it all. If there’s an incident, how are you going to respond?  How will your clients respond? Don’t assume that they have a plan in place. You are the IT expert and trusted advisor and the first person that they will turn to when a cyberattack occurs.  And, according to recent statistics, there is a good chance that they will be one of the victims that is hit every 11 seconds.  And yes, it is likely to happen to a business regardless of size or industry.  

How Do I Create an Incident Response Plan?

The first thing to remember about creating an IR plan is that it is not a one-and-done event.  This is a “living” document that will need to be reviewed regularly and updated as changes occur to the business environment, including when there are adjustments to hardware and personnel. Going over your clients’ IR plan with them at their quarterly reviews is highly recommended. This will give you an opportunity to discuss any changes, including those that you may not have been made aware of, and it also strengthens your relationship with them as their trusted IT advisor. 

Identify key players within the client organization.  This may include their contacts outside of the business such as a PR firm, insurance agent, or legal team that they already work with.  If they don’t have these individuals defined, have a list of people at the ready for when you need them.  And it is very likely that you will need them.  Scrambling to find help only worsens a crisis. 

For all critical roles, identify who the person is, list out all of their contact information, and then identify who the backup would be for that person.  The impact of a breach will be felt immediately by the person answering the phone.  Define for them what they should or should not say if a breach occurs.  Prepared scripts can be very helpful. 

Appearing unprepared to handle the crisis at hand can cause more damage to undo, so readying the team for any call or email which lands on their desk is going to serve the entire team well in the long run.

Preparation is Key

You can’t prepare for the exact scenario that you will face in the event of a cyberattack, but you can prepare for how you will react to the unknown.  Give your clients a copy of the plan, ask that every employee acknowledge it – even reviewing it together can be a team-building exercise with a lasting impact!  And have a one-page “do this immediately” list for each employee to keep at their desk should a breach occur. 

As you build the process for this “fire drill” for your clients, ensure that you have your own plan in place for your business.  Breach Secure Now Partners get access to a written Security Incident Response Policy, as well as templates for creating an Incident Response Team, and more! Contact us today for help with how to strategize with your clients for a smart and strong cybersecurity posture.

Tags: CybersecurityData BreachPhishingRansomware
No Comments
Share
0

You also might be interested in

Welcome to Breach Secure Now!

Oct 28, 2014

The Breach Secure Now! website will try to educate and[...]

Top 5 Security Actions Every CEO Should Take

Nov 21, 2014

An article over at Security Intelligence discusses the 5 actions[...]

Hey Small Business: You ARE a cyber-target!

Nov 22, 2014

The security firm, FireEye, has a very eye opening report[...]

Leave a Reply Cancel Reply

Dark Web Assessments

free dark web breach assessment

Search

Recent Posts

  • End of Year Preparation December 1, 2023
  • Breach Secure Now Appoints Tracie Crites as Chief Channel Officer November 7, 2023
  • The Growing Influence of AI on Phishing Emails November 3, 2023
  • Recognizing and Defending Against Deepfake Scams October 27, 2023
  • 20 Years of National Cybersecurity Awareness Month October 20, 2023

Contact Us

  • Breach Secure Now!
  • 55 Madison Ave, Suite 400 Morristown, NJ 07960
  • 877-275-4545
  • info@breachsecurenow.com

Get Social

Schedule a Demo

Recent Blog Posts

  • End of Year Preparation December 1, 2023
  • Breach Secure Now Appoints Tracie Crites as Chief Channel Officer November 7, 2023
  • The Growing Influence of AI on Phishing Emails November 3, 2023

© 2023 · Breach Secure Now!

Prev Next