Cyber security incident management is not a linear process; it’s a cycle that consists of a preparation phase, an incident detection phase and a phase of incident containment, mitigation and recovery. The final phase consists of drawing lessons from the incident in order to improve the process and prepare for future attacks. During this cycle communication with both internal and external stakeholders is of critical importance.
Drawing up an organisation’s cyber security incident response plan is an important first step of cyber security incident management. It is also crucial that top management validates this plan and is involved in every step of the cyber security incident management cycle.
In this workshop, delegates will be able to share in a roundtable format their current incident strategy, assessing what holes they are currently missing, including PR response, HR policies to avoid miscommunication internally, and what considerations should be made when saving data for forensics.