We know that it’s important for employees to care about cyber security but what do they know what to do if an incident occurs?
What classifies as an “incident?”
There doesn’t have to be a full-blown breach to classify an incident. Anything that raises a red flag would be considered an incident. For example:
- An email asking for personal information
- Passwords suddenly not working
- An influx of pop-up ads
- No longer being able to access data files
- Your computer keeps crashing
How to set up a response plan
Your incident response plan will determine the steps to take from the beginning to the end, and everything in between, of a cyber security incident.
Step 1: Prepare for an incident by developing policies and procedures to help employees to recognize potential threats
Step 2: Detect the threat
Step 3: Evaluate the threat level and impact it has on your business if it isn’t solved as soon as possible
Step 4: Respond to the threat and reduce further damage by isolating affected systems
Step 5: Review the incident response process and determine what could’ve been done differently to avoid this from happening again
Your company’s Security Team should keep updated resources in place for cyber security incidents and every employee should have access to these resources. A stronger team means stronger cyber security defence.