4 Tips to Create an Incident Response Plan


Tips for Creating an Incident Response Plan

Data breaches are extremely common as technology continues to advance. Of those breaches, small and medium-sized businesses (SMBs) are a favored target for cybercriminals.  In fact, more than 70% of attacks target small businesses, according to the National Cyber Security Alliance, and as many as 60% of hacked SMBs go out of business following a data breach.  With the stakes so high, having an Incident Response Plan is pivotal for SMBs in the event of a breach.

You can offset the chance of an attack with training and security measures, but are you positioned to react if you are attacked? Having your business and team up to speed is essential.

Here are 4 tips for how you can get your incident response plan or cyber response ready.

First, take inventory of your assets

Do an initial asset audit and put a dollar value on each item.  This will assist you in prioritizing your incident response efforts as well as knowing how one asset can affect others.

Second, assess your vulnerabilities

Where are you weak and where are you strong?  This can be an extensive process but will allow you to not only make your business more efficient but also offset the risk of an attack.  Consider this as a starting point – how many employees do you have?  Each one of those individuals represents another set of risks.  Are you training them regularly?  Do they know what a phishing email is and how it can endanger not only their individual cybersecurity but the business as a whole?

Unfortunately, we don’t always see the gaps in our processes and business until they are exposed. Try to run through a scenario with the entire group to gain input into how they would see it play out and would be affected.  This not only allows you to see different perspectives, but also reminds each team member how they contribute to the bigger picture, and how they can be a part of prevention.

Third, assemble a team

Be sure to get representation from all divisions of your business.  Each individual should have a well-defined goal to not only improve group efficiency and input but also be a responsible and effective part of the incident response team should an attack occur.

Next, build an action plan

With input from your team members and the risks and assets defined, you can build a plan to respond to an attack as well as minimize the chance of that happening.  Outline each step and include as much detail as possible.  Get your workforce involved by asking for input and feedback along the way. The more involvement your team has, the more likely it is that you will uncover and fix all risks and have their full engagement in case of an attack.

Enact dry runs and ongoing training programs to ensure that new employees are up to speed, and existing employees are well trained. Continue to audit and evaluate your plan – including risks and assets on a regular basis.  Doing a quarterly evaluation would be ideal.

Finally, as with most of the experiences in life, you can never be too prepared.  Should an attack occur, the quicker you can react, the more likely you are to survive.

Having trouble with IT?