Many companies today have developed a Cybersecurity Incident Response (IR) plan. It’s a sound security practice to prepare a comprehensive IR plan to help the organization react to a sudden security incident in an orderly, rational manner. Otherwise, the organization will develop a plan while frantically responding to the incident, a recipe ripe for mistakes.
Heavyweight boxer Mike Tyson once said, “Everybody has a plan until they get punched in the mouth.”
A significant cybersecurity incident is an equivalent punch in the mouth to the cybersecurity team and perhaps the entire organization. At least at first.
Developing an Incident Response plan is undoubtedly smart, but it only gets the organization so far. Depending on the severity of the incident and the level of cybersecurity expertise within the breached organization, a cybersecurity incident often leads to panic and turmoil within the organization – plan or no plan.
It’s very unsettling to have systems and data locked by ransomware or not knowing whether a potential intruder hidden on the network is continuing to do damage and exfiltrate data.
One of the first things most breached organizations do is call in a seasoned,…
http://feedproxy.google.com/~r/TheHackersNews/~3/P1T4GbC3qLE/incident-response-software.html