How to Setup an Incident Response Plan

how to setup an incident response plan

We know that it’s important for employees to care about cyber security but what do they know what to do if an incident occurs?

What classifies as an “incident?”

There doesn’t have to be a full-blown breach to classify an incident. Anything that raises a red flag would be considered an incident. For example:

  • An email asking for personal information
  • Passwords suddenly not working
  • An influx of pop-up ads
  • No longer being able to access data files
  • Your computer keeps crashing

How to set up a response plan

Your incident response plan will determine the steps to take from the beginning to the end, and everything in between, of a cyber security incident.

Step 1: Prepare for an incident by developing policies and procedures to help employees to recognize potential threats

Step 2: Detect the threat

Step 3: Evaluate the threat level and impact it has on your business if it isn’t solved as soon as possible

Step 4: Respond to the threat and reduce further damage by isolating affected systems

Step 5: Review the incident response process and determine what could’ve been done differently to avoid this from happening again

Your company’s Security Team should keep updated resources in place for cyber security incidents and every employee should have access to these resources. A stronger team means stronger cyber security defence.