Tuesday, February 26, 2019

What’s the most important part of an incident response plan?

The most important part of an incident response plan is not the plan itself, but the actual regular testing, tweaking, and discussion of the plan.  How can a plan be useful if nobody knows where it is and their role and responsibilities within the plan?  Incident response planning should be an ongoing, yearly exercise with actual testing of the plan performed at least once a year.  Additionally, incident response isn’t just an IT issue. It’s a business issue that affects all departments, and in many cases third-parties such as legal counsel, PR, and third-party hardware and software vendors.

No comments:

Post a Comment