The cyber incident response plan: The power is in the process

Every cyber expert, regulator and standards body will say you should have a cyber incident response plan. What these authorities don’t tell you is that not all plans are created equal. Without the proper process, most aren’t worth much.

Too many organizations approach preparing incident response plans focusing on the deliverable. They want a cyber incident playbook they can dust off and rely on in the heat of crises.

An incident response plan is better conceived of as a vehicle for issue identification, problem solving, collaboration and continuous learning. The true value of an incident response plan comes from the act of preparation itself, if – and only if – you prepare it the right way.

Read the article authored by my partners Dan Michaluk and Eric Charleston on this topic.

This content has been updated on June 3, 2022 at 21 h 29 min.