top of page
Train Crossing Bridge

Incident Response Plans

An Incident Response Plan (IRP) is a set of instructions to help Companies detect, respond to, and recover from data breaches and network security incidents. These types of plans should address issues like cybercrime, data loss, social media and reputational breaches, and service outages that threaten daily work and the overall reputation of the Company.  Without a proper incident response plan in place the staff will lack the knowledge and procedures necessary to quickly respond to any threat to the organization.The IRP goes beyond the IT Department and the computer network to address the overall concerns of how to mitigate and respond to the incident from all levels, including;

Sand Dunes
  • Technology – what steps do we take to identify and react to the incident, ensuring that the necessary actions are followed to contain the incident and eliminate its potential effects on the network.

  • Legal – If there is a data breach what legal actions must be taken in order to identify and react to the incident.

    • For example, if client’s social security information is stolen or compromised, what actions does the legal department or counsel need to take to make sure the company’s liability is intact

  • Marketing – If there is a data breach and information is leaked about a client, what message must be sent to the company and to the outside world to mitigate the over implications of this data breach

  • Human Resources – if there is a data breach and information is compromised by an employee’s careless behavior what actions should be taken against the employee

The Challenge

  • Work with all the respective departments to identify the steps that must be taken if a data breach occurs

    • This included training the managers of each department to what constitutes a data breach and in layman’s terms what is the proper terminology used to identify data breaches

  • Prepare a basic IRP that can be understood by Management so, they would understand the actions that needed to be carried out in the event of a breach.

  • Work with the IT department to build a runbook, simple set of instructions, to be used to identify, contain, eradicate and recover from each identified type of  data breach

          A properly built  Incident Response Plan

  1.   Preparation

  2.   Identification

  3.   Containment

  4.   Eradication

  5.   Recovery

  6.   Lessons Learned

bottom of page