An Incident Response Plan entails the process to be followed should an “incident” occur within a business or organisation. While the industry that the business operates in would dictate what the nature of the incident could be, a Security Incident Response Plan would comprise a plan for dealing with an information security crisis (such as a data breach).
The Plan should offer an organized approach to addressing and managing the consequences of a breach or security attack. This is essential to mitigating the negative effects of a security breach, providing an ordered plan to follow, rather than grasping for possible solutions in the heat of the moment.
The Security Incident Response Plan typically starts with preparation (the drafting of the Plan and its on-boarding to relevant staff). If an incident has occurred, the Plan dictates that the incident be detected and identified, contained, mitigated and eradicated, remediated and recovered, and – finally – measured. If any weak points are identified, the Plan should be adjusted accordingly, in preparation for the possibility of a new incident arising.
This requires that the Plan not only exist, but that it is well known and implemented throughout the organisation.
Does your organisation have an Incident Response Plan? Do you know what it says?
To protect your organisation’s information security, and to ensure data protection compliance, contact Kaluma for customised software solutions that support the unique requirements of your organisation’s data security: CLICK HERE.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net