With increased presence on digital platforms comes increased risk of possible cyber incidents. Unfortunately, almost every organization will experience a cyber attack at some point, so having a response plan in place beforehand is the best way to minimize the chance of mistakes.
As a business owner, creating an incident response plan that outlines how to address a possible cyber attack will help ensure your top priorities remain the safety and security of your business, clients and partners. A good incident response plan details the steps an organization will take if a cyber incident occurs. It will help you prepare for, identify, contain and recover from cyber incidents. That's why an incident response plan is so important.
Did you know?
Only 17% of businesses have an incident response plan, according to a 2021 survey by the Canadian Centre for Cyber Security and National Chambers Insight Community.
The basics of an incident response plan
An incident response plan includes essential components to help you act quickly if you suspect a cyber attack, such as:
- roles and responsibilities of each person involved in the plan;
- detailed instructions on how to handle common cyber attacks; and
- actions required for mandatory cyber incident reporting.
Implementing your incident response plan
Once you have created your incident response plan, you need to put it into action. This involves six phases:
- Preparation: Your business prepares for the possibility of a cyber attack.
- Identification: A cyber attack on your systems or devices is detected.
- Containment: Contain the breach to avoid spread.
- Eradication: Find and remove what caused the breach.
- Recovery: Restore affected systems and devices.
- Learning: Review actions and identify lessons learned in preparation for possible future attacks.
Learn more about how to create your incident response plan
Without a plan, employees can waste precious time trying to figure out what they're supposed to do when a cyber attack occurs, and that's when mistakes can happen. To get started on developing an incident response plan for your business, check out our free online eLearning module for step-by-step instructions.
Developing an incident response plan is one of the security controls necessary to be eligible for CyberSecure certification. Once you have an incident response plan, you will be one step closer to certification.
Why get certified?
Once your organization puts into place all of the required security controls, you can apply for certification. Getting CyberSecure certified has many benefits, including:
- limiting the impacts of a cyber incident
- enhancing your competitive advantage and attracting new business
- reassuring your customers and investors that their information is protected
- improving your cybersecurity knowledge
To learn how to get certified, visit the CyberSecure certification web page.
You may be eligible to receive funding to help offset the costs of implementing cybersecurity controls and getting certified. Visit the Canada Digital Adoption Program web page to learn more.