Part 3 in our series of how to create an incident response plan is to define primary members. You also want to assign backup members to decrease the dependency on each of the following roles:

Define Primary Members

  • Security Officer
  • Privacy Officer
  • Network
  • Operating Systems
  • Line of Business Applications
  • Internal Auditing
  • Marketing and PR/Communications
  • Executive Management

If you can assign these roles, it will be easier for you to recover from an attack.

Ongoing Reviews

You also want to have ongoing reviews of the following:

  • Monthly validation that the backups, systems and logs are all working properly
  • Quarterly meetings to review the procedures and modify where needed
  • Every 6 months, review and test all systems
  • Annual training of procedures
  • Annual drill to make sure everything works
  • Review and improve after the annual drill

Following these few steps can help save you in the event of an attack.  You can never be too prepared.  Preparing and education is the key to fighting off cyber attacks and getting you network back up and running. Tomorrow, we will go through part 4, which is “Review and Training” of the involved participants.