A comprehensive and regularly tested cybersecurity incident response plan is an essential part of an effective cybersecurity program. In September 2020, the cybersecurity agencies of the Five Eyes nations – Australia, Canada, New Zealand, the United Kingdom and the United States – issued a technical advisory to help organizations pro-actively defend against, and effectively respond to, cybersecurity incidents. The Advisory provides useful guidance for establishing and assessing the technical aspects of a cybersecurity incident response plan.
Cybersecurity Incident Response Plans
The Canadian Centre for Cyber Security’s National Cyber Threat Assessment 2020 reports that cybercrime remains the most common threat faced by Canadian organizations of all sizes. A comprehensive and regularly tested cybersecurity incident response plan enables an organization to rapidly respond to cybersecurity incidents in an effective and lawful manner, and is an essential part of a cybersecurity program. In many circumstances, there is a legal requirement – imposed by statute, contract or generally applicable common law or civil law – for an organization to have a suitable incident…