Organizations today face a myriad of threats to their business. Phishing, ransomware, insider attacks and software vulnerabilities are just a few of the attacks possible on your data. Although large organizations have comprehensive plans in place for such incidents, what about the small or medium size enterprises? As we do more and more things online, these threats apply to EVERY business.
Creating an Incident Response Plan is now more relevant than ever before. Not investing in this type of protection can cost you big time! Alcea RiskMgr allows you the flexibility to create your Incident Response Actions in an all-encompassing software tool configured to fit your unique business.
The NIST Cybersecurity Framework includes Incident Response as one of the pillars of creating an all- encompassing plan.
An incident response plan should include the following:
- Identify the Incident Response Team – include roles, responsibilities and contact details;
- Identify and prioritize the incident – rank the level of risk to the organization and detail the type of response required;
- Review all possible outcomes of the attack and implement the predetermined risk responses;
- Review the pre-determined legal and compliance reporting requirements that your company must meet;
- Implement the Incident Response using the pre-determined scenarios in your risk register
- Containment procedures
- Eradication methods
- Recovery from the attack
- Lessons learned
Although this list is very high level it is the basic premise of documenting your risks and having a solid plan to deal with any incident(s) that may arise.