With today’s cybersecurity threats, companies need to not only defend their perimeter, but also mitigate the effects of inevitable breaches or other cyberincidents. This can be done through an effective incident response (IR) plan which identifies risks, and has clear points for decision making and escalation paths. The objectives of a good IR plan should be to limit damage, increase the confidence of external parties, and reduce recovery time and cost. A good plan will be pervasive across the whole business.
A deficient plan usually has the following: