The content of cyber incident response plans differs from business to business and are largely based upon need, as well as planning the initial response to a cyber incident, there may be other considerations such as pre-planned press releases should a PII data breach occur or notification of law enforcement if criminal acts have been committed.
The NCSC defines a cyber incident as: “The NCSC defines a cyber incident as a breach of a system's security policy in order to affect its integrity or availability and/or the unauthorised access or attempted access to a system or systems; in line with the Computer Misuse Act (1990).” A cyber incident response therefore is a pre-existing methodology of steps to be taken during and after a cyber incident occurs.
Regardless of circumstance, having a robust cyber incident management plan in place is highly recommended to facilitate a rational, measured response to the cyber incident, often the stress and panic of a cyber incident can result in an overreaction that can ultimately cause more harm than it prevents.
An incident response plan should ensure that lines of communication within a business are maintained and that stakeholders are kept informed of the incident as it progresses towards remediation.
Want to know more about your Cyber Security posture?
Solutions that can Help your Business with Incident Management
Disaster Recovery (DR)
DR is a contingency solution that is invoked at such a time as an organisations primary IT infrastructure has been rendered unusable temporarily or permanently and to allow continued operation of the organisation, critical elements of the IT infrastructure are restored and hosted in a different location, usually geographically remote, from the primary datacentre. Traditionally DR has been used as a contingency against physical damage or circumstances rendering a datacentre unusable, however increasingly DR solutions are being employed to continue operations in the event of a ransomware or other malware infection making critical IT infrastructure unusable for an extended period.
Chess are specialists in designing and recommending DR and BC solutions that work in harmony for our customers, contact us to discuss further.
Business Continuity
BC is sometimes confused with DR and the terms are often interchanged, whilst they are similar in nature, they are quite separate, DR is the ability to run the IT infrastructure is a separate location, a BC plan is the plan an organisation has in place that dictates how it will operate in a DR scenario. BC will typically consider such things as maintaining high availability of email functionality during a DR incident, relocating office staff to a second location, or reverting to home working if the primary office becomes unusable and maintaining other business critical services.
Chess are specialists in designing and recommending DR and BC solutions that work in harmony for our customers, contact us to discuss further.
Backup
Backups are a key component to any businesses’ contingency plans and this is often not understood or appropriately financed – having a good backup solution in place can mean major hardware, cyber or force majeure incidents can be shrugged off with minimal downtime or, conversely not having a good backup solution could mean serious trouble for a business should the worst happen.
Chess are specialists in implementing modern, robust backup solutions for our customers and there is no one-size-fits-all. General principles may remain the same but individual implementations can vary depending on business needs, available hardware or technology and geographic dispersal of customer sites.
Need advice, support or more information?
At Chess, we have a dedicated team of Cyber Security specialists and are backed by our award-winning vendors with decades of experience in most deployment scenarios. If you would like to discuss your cyber security needs, please book your free consultation.