This is Part 4 incident response planning to help you fend off a ransomware attack or other cybersecurity attack. We already talked about forming a Risk committee and determining who is responsible for various tasks. We also discussed forming an incident management committee to define roles and responsibilities. Today, we will discuss ongoing and periodic reviews of policies and processes that have been put in place. Preparing for the attack is the best defense against it. You want to be ready, have a plan in place that is tested and that you know will work.

The real key to incident response planning is to be ready, prepared and trained.

Part 4 Incident Response Planning

Ongoing reviews – This would consist of:

  • Monthly Validation that system and software logs are current and working.
  • Quarterly meetings to review and modify procedures as needed.
  • Biannual or quarterly tests and reviews.
  • Annual incident drill.
  • Review of all tests and drills.

It is important to not only put things into place, but to test, review and document. Remember, the best way to defend against a cyber attack is to prepare for it.