Incident response (IR) plans are designed to test your company’s ability to respond to a security incident. The ultimate goal is to handle the situation so that it limits the damage to the business while reducing recovery time and costs.
Sadly, most IR plans fail to deliver on this promise. For companies that have one — and according to one recent survey, one in three organizations don’t — they are bare-bone, poorly set out and rarely involve any other lines of business (LOB) aside from the InfoSec and IT teams. Many remain rarely tested and reviewed, as thus not fit for their purpose when that incident strikes.
1. Address business issues and assign roles
As evidenced above, too few firms have an IR plan. For those that do, even the best laid plans can lack critical information or not include the right people.
Read more here:: IT news – Security