TechGuard Blog

Why you Need an Incident Response Plan

Imagine you are a big hotel chain getting ready to close a large acquisition. You're growing at a rapid pace, and everyone knows your name. Your reputation and name lends itself to professionalism and the trust to deliver a well-designed, modern, clean hotel experience with many desirable amenities. Your hotel is somewhere clients feel safe to bring family and they trust that your business transactions are secure. The next thing you know, the large chain that you recently acquired had a problem with security and now you are wondering how to handle a very large breach that occurred.

Do you happen to remember Marriot's Mega-Breach? Physical addresses, birthdates and passports numbers were exposed for up to 327 million people. Some of the information exposed included credit card information. Back in 2016, Marriot purchased Starwood Hotel & Resorts. In 2015, Starwood disclosed that they had an issues with malware but Marriot continued with the acquisition. This story brings to light the importance of recognizing what might be at risk during mergers and acquisitions. Clearly, Marriot's purchase included a breach and serious cybersecurity concerns. These attacks can results in business closure, cost millions of dollars and/or destroy your company's reputation. 

What is an Incident Response Plan?

An Incident Response Plan is an organized approach with step by step guidelines for handling a security incident or breach. The goal is to incur the least impact for regular course of business to the company and to have a fast reaction time when something happens in order to minimize the damage.

Why is it critical for your business?

The fact is, breaches and security incidents are taking place every day. Attackers are becoming more advanced. You'll need to be prepared to act quickly if such an event occurs. You have worked hard to protect your reputation and to build a successful business. Many businesses do not survive these incidents due to a lack of preparation.

Most recently, we've heard companies say they feel cyber resilient, but when the plans are looked at in closer detail, they don't seem to be up to par and claim they don't have a formal and consistent incident response plan for their business. But, how do you go about implementing such a plan?  Fortunately, you don't need to hire a full-time incident response employee to protect your business, you can meet with our Incident Response experts at TechGuard to create your incident response plan and be prepared.

Testing the IR Plan

It's equally important to ensure your Incident Response Plan includes various realistic scenarios. Different types of attacks require different types of responses. Consider if your plan includes third parties. Once plans are developed it's critical to test the plans. Practice table top exercises to understand various team member's roles in the response process. These exercises are a great chance to practice the "what if" scenario. One example of a "what if" situation is to respond as if a company laptop storing private information is lost. Ideally the team members will discuss the scenario and talk through the exercise. The exercise could take anywhere from a few hours to an entire day to execute.

How can TechGuard help?

We will work with you to develop a comprehensive and well-communicated Incident Response Plan that is customized to your individual business needs. We will help you minimize risks, protect your data and maintain organizational control of sensitive information. Your assigned TechGuard Cybersecurity Expert will ensure your Incident Response Plan contains all the necessary elements and will develop and conduct a realistic security incident table-top scenario to exercise the documented plan.

At TechGuard Security we approach incident response planning by applying the Center for Internet Security (CIS) eight-step framework that addresses every aspect of an Incident Response Plan. This approach allows us to utilize an adaptable framework from which we can develop a customized Incident Response Plan to meet your unique needs. The Incident Response Plan will be presented via a collaborative session enabling all stakeholders to understand their responsibilities in executing the Incident Response Plan as well as giving the opportunity to provide feedback.

Written by Allie Prange

Allie stepped into her role as PR & Marketing Specialist at TechGuard Security in November 2019 to help oversee, develop and implement marketing initiatives while serving as the day-to-day contact managing timelines, strategy and overall client/partner direction. As a mass communications graduate from SIUE with over 10 years of marketing experience, Allie is conversant in marketing/campaign strategy, brand development, social media marketing, graphic design, cross-promotional tactics, copywriting, public relations, event coordination and more. She has the innate ability to creatively plan, communicate, strategize and execute any project that is handed to her. Allie is a team-player, goal-oriented and strives for success amongst her teammates and colleagues. In her free time, she enjoys managing her graphic design side business, AKP Designs, spending time with her family and traveling as much as she can.