Darkreading.com reported that “Being proactive allows organizations to better react with a deeper understanding of the threat actor’s intentions and how the organization’s defenses relate to potential threats. That’s why threat awareness is one of the core metrics used to assess an organization’s maturity and capabilities for IR success…” The August 2, 2019 article entitled “Why Every Organization Needs an Incident Response Plan” among other things recommends using the 2012 NIST Computer Security Incident Handling Guide as a starting point, and includes these comments:
Having an IR plan in place is a critical part of a successful security program.
Its purpose is to establish and test clear measures that an organization could and likely should take to reduce the impact of a breach from external and internal threats.
Where is your business with its IR Plan?
Leave a Reply