Develop a simple yet methodical set of response steps

• Introduction outlining the purpose and scope of the plan
• A list of security incident response team members and full contact information mentioned above
• A list of the types of incidents that will cause you to invoke the plan mentioned above
• Technologies and operations in place to detect incidents
• Specific steps for containing incidents
• Procedures for investigating what happened. (Don't overlook the value of a formal cybercrime investigation if it appears to be serious enough; otherwise, you can end up overlooking things or ruining evidence.)
• High-level steps for eliminating the threats and associated vulnerabilities (ideally one set of steps for each type of incident)
• Specific steps for following up to ensure the threats and vulnerabilities are gone (such as virus scanning, port scanning, vulnerability testing and network analysis)
• Procedures for communicating with external parties such as customers, business partners and the media (this may be one of the first things your organization is required to do!)
• Requirements for retaining records related to security breaches

In the end, make sure your plan addresses these six major areas:

1. Who does what?
2. What must be done?
3. When must it be done?
4. Where must it be done?
5. How must it be done?
6. What's done when all is said and done?

Plan for a security breach, step by step

  Introduction
  Step 1: Define what "breach" means to your business
  Step 2: Don't overlook critical network infrastructure systems
  Step 3: Know who to contact and have that information available
  Step 4: Develop a simple, methodical set of response steps
  Step 5: Get input from others affected by a security breach
  Step 6: Keep your momentum going

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well asThe Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at kbeaver@principlelogic.com>.

Download this free guide

The importance of web security

Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.