Incident response is a plan that evolves over time to keep your organization best prepared against likely threats. With punitive measures introduced by the GDPR (General Data Protection Regulation) and the NIS Regulations (The Network and Information Systems Regulations 2018), how an organisation responds to a cyber incident can often spell the difference between failure and success. The speed at which you identify and mitigate such incidents makes a significant difference in controlling your risks, cost and exposure. Effective CIR management can reduce the risk of future incidents occurring, help you detect incidents at an earlier stage and develop a robust defence against attacks to potentially save your organisation millions.
Frameworks that outline and require incident response measures
Incident response planning is mandated as part of all major cyber security regimes either directly or indirectly. The following standards require incident response measures:
- ISO 27001, the international standard for an ISMS (information security management system)
- ISO 22301, the international standard for a BCMS (business continuity management system)
- PCI DSS (Payment Card Industry Data Security Standard)
US government departments also have a responsibility to report cyber incidents under the terms laid out in the security policy framework issued by the Cabinet Office, effectively mandating a CIR for such organisations as well.