Plan for a security breach, step by step

One of the most overlooked and underrated requirements of managing a good network is having a good incident response plan in place in case of a computer security breach. It's a fundamental human struggle to admit just how vulnerable our networks really are and what there is to lose. Once an incident occurs, the breached information is gone; it's forever deleted or residing on someone's mind or computer who shouldn't have it. And there's no way of getting it back.

This type of long-term business impact is why I continually stress the importance of having a good response plan. It won't necessarily prevent an attack, but having a plan will help stop the bleeding if an attack occurs, reducing the amount of information in harm's way.

There are six things you must do in order to prepare yourself, your network and your business for the inevitable security breach:

Plan for a security breach, step by step

  Introduction
  Step 1: Define what "breach" means to your business
  Step 2: Don't overlook critical network infrastructure systems
  Step 3: Know who to contact and have that information available
  Step 4: Develop a simple yet methodical set of response steps
  Step 5: Get input from others affected by a security breach
  Step 6: Keep your momentum going

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well asThe Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at kbeaver@principlelogic.com>.