Incident detection and response must be as important to your enterprise as the focus on prevention.  Many organisations spend too much time and money on the “Before” of a security incident but are unable to respond when (not if) a critical incident occurs.  Create, test, and implement an incident response plan.  Understand your risk profile, assets, and resources.  Acquire the technology and resources to accurately discover incidents.  Ensure you have the ability to respond in a timely manner and with conviction.  Ensure recovery after the incident to minimise disruption.  Above all else, test your plan in anger at least annually.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s