As the year draws to a close, it is time for businesses across all industries and sectors to reflect and prepare for the upcoming new year. With this in mind, FIRST has produced 11 vital steps that organizations should take to improve their incident response strategy.
It is highly likely that an organization will face a cybersecurity incident of some sort at some point in its lifetime, regardless of the level of cybersecurity defense in place.
According to a global survey undertaken by Marsh in partnership with Microsoft, two-thirds of respondents ranked cybersecurity as a top five risk management priority, but only 19% expressed high confidence in their organization’s ability to manage and respond to a cyber event, and only 30% have developed a plan to do so.
Below are 11 steps that an organization should take to become more resilient against an incident.
Planning for a security incident
Assign a clear incident leader: During a response, coordination is needed across many teams, including Security, IT, Engineering, Operations, Legal, Human Resources and Public Relations. In most cases, technical response work will not all be conducted by a single team.
However,…
