Welcome to ITS! Learn more about our strategic partnerships with 5 MSPs!

Read the Story
Schedule a Meeting
Services
Services
Cybersecurity
Managed IT
Co-Managed IT
Data Analytics
Cloud Computing
VoIP Phone
Business Internet
All Services
Industries
Industries
Architecture and Design
Automotive
Biotechnology
Construction
Finance and Insurance
Healthcare
Law Offices and Law Firms
Logistics and Distribution
Manufacturing
Nonprofit
Retail
Pricing
Learning Center
Company
Company
About Us
Careers
Contact
Events
Sales: (855) 204-8823
Client Support
(888) 969-3636
Schedule a Meeting

View All Posts

How to Respond to a Cyber Incident? [Video] Blog Feature
Karen Ting

By: Karen Ting on January 20th, 2023

Print/Save as PDF

How to Respond to a Cyber Incident? [Video]

Cybersecurity

No one expects to be the next cyber victim, but on the off day that your business does get hit, do you know what to do? Do your employees know how to respond? Rob Schenk lays out what to do when your business is faced with a cyber incident. 

cyber incident

When an incident does hit your business, there’s no need to panic. Follow these four-step process of NIST Incident Response designed to protect your organization:   

0:58 #1 Preparation 

Preparation is perhaps the most vital and work-intensive step of incident response. You will document, outline and explain your response team's roles and responsibilities. That includes establishing the underlying security policies which will guide the development of your incident response plan.   

1:23 #2 Detection and Analysis 

This involves the monitoring, detecting, alerting, and reporting of security events. The primary objective for this stage is identifying known and unknown threats and suspicious activity that seem malicious.  In this phase, collecting log data is critical to identify how the incident occurred, its root cause, and the systems and data affected. 

2:14 #3 Containment, Eradication, and Recovery 

The goal of this step is to stop attacks before they cause damage. Once a breach has been detected, containment of the compromised systems, networks, data stores, and devices ensures that infection does not spread. 

3:03 #4 Post-Incident Activity 

Once the threat is neutralized, it's vital to analyze how the incident happened to prevent another issue in the future. Post-incident activities include: (1) Reviewing and reporting on what happened, (2) updating your cybersecurity program with new information about what worked and what to improve, and (3) updating your IR plan with lessons learned.   

Responding to a cyber incident is no easy feat. If you're worried that your IT team or provider may not be able to properly contain the breach, we recommend you talk to one of our experts. We can discuss what your situation is and what next steps we can take to secure your business.   

New call-to-action

Related Resources

Disaster Recovery

What is an Incident Response Plan?

Read More

Cybersecurity

What is an Incident Response Plan (and Why You Need It) [Video]

Read More

Cybersecurity

Cyber Incident Reporting for Critical Infrastructure Act of 2022

Read More