The FBI once famously said: “There are only two types of companies: those that have been hacked and those that will be hacked.”
The Cyber Security Breaches Survey published by the government earlier this year reported that cyber security was a “high priority” for virtually all businesses.
However, that same survey revealed that just 19% of businesses have a formal incident response plan in place setting out the steps that ought to be taken in the immediate aftermath of a cyber attack.
Every business should have an incident response guide which sets out:
- the names and contact details of the people who will work together to resolve the incident; and
- the initial steps that should be taken upon discovering a cyber security incident.
The incident response team
One of the main priorities of an incident response plan is to create an incident response team which will deploy in the event of an attack. The plan should be kept up to date and include emergency contact details for the core incident response team.
The incident response team should include:
- An Incident Response Manager
This person is likely to be a senior manager within your organisation who will…
