Your Incident Response Plan [Video]
PART 1: PREPARATION
Preparation is key before a cyber incident. A great first step is to identify a team that can help provide guidance and assistance through the incident. For at-home incidents, think about your family members, friends or a colleague that may have some cybersecurity knowledge. This team won't need to have weekly meetings or sign any contract, but the idea is they can be a quick resource to you if a cybersecurity incident occurs. Consider a group text where the participants can talk through a "fishy" email or when a computer is exhibiting odd behavior.
PART 2: DETECT & RESPOND
To respond appropriately to an incident, we must be able to detect when an incident occurs. The challenge here is these events can be very obvious such as a ransomware notification on your screen or could be a silent spyware attack stealing information behind the curtain. The best advice is to stay alert for issues or warning signs on your devices at work and at home. Tune into any performance issues or inconsistent behavior. If you do detect a possible issue, respond as soon as possible! If the issue is affecting a work device, contact IT and your supervisor as soon as possible.
PART 3 - RECOVERY & LEARNING
The recovery stage is all about getting back to business as usual and a full recovery is easier to achieve when the proper preparation, detection and response are applied from your incident response plan. Here are some helpful tips when working through your recovery stage.