Get in Touch Close Menu

Cyber Security Incident Response

Frequently Asked Questions (FAQs)

1. What is Incident Response?

Incident Response refers to the process by which an organisation or company handles a cyber attack which is deemed significant. Ultimately, it is the strategy and tactical implementation required to manage this event and minimise impact. It includes managing recovery time, costs and collateral damage such as brand reputation, financial and compliance issues.

Organisations must, at the very least, have a defined Incident Response Plan. This is usually a set of policies and procedures to identify, contain and respond to such an event by providing a clear, detailed and guided process to follow. This includes outlining the specific personnel and teams necessary to manage each particular task.

2. What is an Incident Response Plan (IRP)?

An Incident Response Plan is a detailed set of documented procedures that break down the steps to be taken in every phase of incident response. It contains all the guidelines for roles and responsibilities during a security incident, including communication plans and ownership of actions. Ideally, an Incident Response Plan should be written in clear language, and all terms should be well-defined.

3. What is an Incident Response team?

By definition, an Incident Response Team refers to the personnel responsible for implementing an organisation’s IRP. Essentially, Incident Response Teams are mandated to prevent, manage and respond to any breaches or attacks. This extends to researching threats, developing and updating effective IRPs, and educating on relevant cybersecurity best practices.

4. What are Incident Response services?

These are managed services that can either substitute or supplement an in-house incident response team. The advantage of employing a managed service is that it usually provides a significantly higher level of cybersecurity expertise with 24×7 response times.

5. Why is Incident Response important?

Data breaches and attacks cost organisations time, money, customers and reputation. Effective Incident Response minimises these impacts.