Cyber incidents: businesses urged to ‘be prepared, be proactive and practice, practice, practice’

Published: Tuesday, 24 September 2019 09:40

Based on three years (2016-2018) of cyber incident response plan assessments and data breach simulations conducted by Verizon for its customers, the new Verizon Incident Preparedness and Response (VIPR) Report gives organizations strategic guidance on creating effective and efficient incident response plans.

“Companies think that having an incident response plan on file means they are prepared for a cyber attack. But often these plans haven’t been touched, updated or practiced in years and are not cyber-incident ready,” comments Bryan Sartin, Executive Director, Verizon Global Security Services. “Having an out-of-date plan is just as bad as having no plan at all. Incident response plans need to be treated as ‘living documents’, regularly updated, and breach scenarios practiced in order for them to be truly effective.”

Verizon experts have identified the six typical phases that every incident response plan should contain:

The VIPR Report also includes five ‘Breach Simulation Kits’ consisting of real-world scenarios to provide organizations with the content to facilitate their own mock incident table-top exercise.

The complete Verizon Incident Preparedness Response Report is available to download on the VIPR Report resource page.