In the world of Information Security, we have all heard of the Center for Internet Security Top 20 Critical Security Controls (CSCs), formerly known as the SANS Top 20. This is a list of the 20 IT Security Controls that an organization can implement to strengthen its IT security posture and mitigate its risk of an attack. One of the CSCs that is gaining more and more attention, both in the news and through regulatory requirements, is CSC 19: Incident Response and Management.
Most organizations have a Business Continuity Plan and a Disaster Recovery Plan that have some element of cybersecurity built in. However, an Incident Response Plan is a critical component for an organization to create, manage, monitor, and adjust. This plan identifies who within your organization is part of the Incident Response Team and what their roles are on the team. And, just like a Business Continuity Plan, the Incident Response Plan should be tested and updated on a regular basis. But why? Why do we need a separate plan focused specifically on IT security incidents, and why can't we just lump it into our BCP? Well, there are several reasons, listed below:
There are many more reasons why having an Incident Response Plan is critical to your organization. For that reason, Compass IT Compliance will be hosting our May webinar on the topic of Incident Response Planning and covering some key best practices for you to consider implementing. Here are the details:
When: Thursday May 26th
Time: 1:00 PM EST
Where: Online, Register Below
Cost: FREE