Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy

by Erik Briceno

You never want a cybersecurity incident to happen. But in today’s complex technological landscape, it can happen. So you need to be prepared to implement an incident response plan that will help your business reduce the risks, costs and recovery time associated with a security breach or cyberattack.

Recent research underscores that cyberattacks are the new normal. Nearly half of small businesses suffered a cyberattack in the past year — and nearly two-thirds of them failed to act following a cybersecurity incident.

Bottom line: This impacts your bottom line.

The average cost of cybersecurity incidents ranges from about $34,604 for a small business to $1.05 million for a large business, according to the 2018 Hiscox Small Business Cyber Risk Report.

“Small businesses are less likely to have strategies in place to ward off attacks, detect them early if they do occur and reduce the damage. And, they are less likely to be able to withstand the financial impact of a hack or breach,” the Hiscox reported concluded.

But don’t panic. Instead, implement a pragmatic incident response plan.

The first step is to do all you can to prevent a cybersecurity incident from occurring in the first place by following these best practices. But when an incident does happen, be prepared to respond.

“Small businesses can take steps to counter the ever-evolving threat of cyberattacks and become cyber ready,” the Hiscox reported advised. “These steps are not overly complex or costly, and small businesses can significantly protect themselves by taking action.”

Get the Gist From NIST

When it comes to planning for these worst-case scenarios, the National Institute of Standards and Technology (NIST) has your back. These federal folks have published a Guide for Cybersecurity Event Recovery to help organizations develop a game plan to contain the opponent and get back on the field quickly.

As the number of cybersecurity incidents climbs, and the variety of types of attacks grows, “It’s no longer if you are going to have a cybersecurity event, it is when,” said computer scientist Murugiah Souppaya, one of the guide’s authors.

The NIST publication supplies tactical and strategic guidance for developing, testing and improving recovery plans. It recommends organizations create a specific playbook for each possible cybersecurity incident, and it includes examples you can adapt to your specific situation.

“To be successful, each organization needs to develop its own plan and playbooks in advance,” said Souppaya. “Then they should run the plays with tabletop exercises, work within their team to understand its level of preparation and repeat.”

5 Critical Steps to Follow

A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy

Credit: N. Hanacek/NIST

NIST also recently released an updated version of its Cybersecurity Framework, which provides organizations of all sizes — including government and private-sector businesses — with standards, guidelines and best practices for managing cybersecurity risks.

This framework is structured around five key functions:

  1. Identify — Begin with an overall understanding of your technology situation and its business context, which includes identifying your IT assets and their vulnerabilities, creating a risk management strategy and implementing cybersecurity policies.
  2. Protect — Put appropriate safeguards into place to minimize potential cybersecurity incidents, which includes providing employee training, using access control systems and updating security systems.
  3. Detect — Implement systems and monitoring to detect cybersecurity incidents in a timely manner.
  4. Respond — Be prepared to take quick action to contain the impact of a potential cybersecurity incident, which includes ensuring you follow your incident response plan and maintain communications with all stakeholders.
  5. Recover — Return to normal operations and implement improvements based on lessons learned and reviews of existing strategies.

Consider Outsourcing IT Security

Given all these issues, it’s no surprise the Hiscox report found that only 16 percent of small businesses are “very confident” in their cybersecurity readiness. Many lack a strategy, accountability, training and insurance — all critical factors for responding to cybersecurity issues.

The result of that lack of preparedness? “Remarkably, 65 percent of small businesses have failed to act following a cybersecurity incident,” the report found.

That’s why the report’s authors recommend that, for smaller businesses in particular, “Outsourcing cybersecurity can be an effective way to increase preparedness. Engaging a consultant can mean lower costs and a quicker ramp up of your cyber program.”

Your employees must still be aware and engaged in the process of protecting your company’s data, but an outside firm can lend expertise. Our expert engineers can design safeguards — including an incident response plan — that are an integral part of your network infrastructure, software and management right from the start.

 
Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. V2 Systems has successfully worked with and continues to work with new companies providing NIST compliance. Contact V2 today for references. Concentrate on your VISION…We’ll handle the TECHNOLOGY! 

ebriceno
About ebriceno
A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy
A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy