9 Critical Questions

"The Basics of a Cyber Security Incident Response Plan"

A Cyber Security Incident Response Plan outlines the procedures to follow when a security breach occurs. It is crucial for minimizing damage and ensuring a swift recovery. An effective incident response plan includes preparation, detection, analysis, containment, eradication, recovery, and post-incident review. Answering these 9 questions affirmatively gets you off to a great start. 

Please contact System Integrity at 410-934-3314 ext. 101 for more details.

3 Technical Questions: 

(1) Do we have Security Event and Incident Management?
            - Your SIEM logs security events network-wide.
(2) Do we have our endpoints backed up?
            - If devices are backed up, recovery is expedited.
(3) Do we have 24 Hour Managed Detection and Response?
            - Protects your devices and isolates the incident.

3 Administrative Questions:

(1) Do we have Cyber Liability Insurance? 
            - When is the problem big enough to contact them?
(2) Is there a regulatory component?
            - HIPAA, PCI DSS, FDA, CMMC and others.
(3) When and who do we report the incident to?
            - FBI Local Office, complaint.ic3.gov, InfraGard.

3 Communication Questions:

(1) Who is our Incident Response point person?
            - What are our communication channels with IT, Management and Clients?
(2) What are our vulnerabilities?
            - Financial Data, PII, Intellectual Property, etc.
(3) What are our critical systems?
            - If our critical systems are down, what is our backup plan?