Tag: checklist


Cyber Incident Response – Have you planned to fail?

Drill, drill more and drill again

I’ve worked with hundreds of companies over the years and one area I consistently see them struggle with is incident response drills. Sure I see some board level table top simulations but nothing says i’m ready more than practising actual responses.

In table tops people mainly assume the log files exist, they assume the resources are there, they assume the best. I’m not a pessimist but I assume breach and assume things will go wrong (even with preperation).

So to help people I put together an Incident Response planning toolkit workbook. This excel document is a rough guide of different types of incidents and different horror levels (there’s a cool D00M flavoured easter egg in there too). Now one thing, you will need to tailor this. BEC for example can be very simple to repel and remediate, however the cost and impact of BEC can be huge (even if it’s a single mailbox) so take the numbers in here with a pinch of salt and tailor it to suit your needs.

Fail to Plan, Plan to Fail

Failing to plan for a cyber incident both large or small is a sure fire way to ensure you are planning to fail! So with this in mind we thought we’d share a quick workbook to try and kick start your mind into NOT planning to fail!

Read more “Cyber Incident Response – Have you planned to fail?”