A Cyber Incident Response Plan

August 17, 2021

Cyber Management Alliance has a free cyber incident response plan template on their website. Based on the guide created by NIST, here are its six components:

  1. Prepare: Align policies on personal information, data protection and network security with your technology infrastructure. Identify critical assets.
  2. Identify: Know when you've suffered a breach. Establish who discovered it, its extent, whether operations are affected and the possible source. Document everything.
  3. Contain: Mitigate the damage. Determine which systems have to be taken offline, whether anything can be deleted, and the short- and long-term strategy.
  4. Eradicate: Patch vulnerabilities, remove malware and update software. Wipe all malicious content without deleting needed data.
  5. Recover: Get back online once the system has been repaired.
  6. Lessons learned: Review the incident so it will not be repeated.

Since "everyone can and will be breached," it is important to have a plan in place in advance.