Test Your Plan Regularly
Great! You've got your incident response plan nailed down, now make sure you test it at least once a year. Mark Weatherford, chief cyber security strategist for security vendor vArmour, suggests working with an independent third-party the first time you test in order to see the necessary elements and criteria. The drill can last two hours or may require a full day. But by walking everyone through a specific scenario, people start to understand their own roles and identify any gaps in the plan. "Things never work like clockwork, but if you have a chain of command – and communications – it will help a lot," Weatherford adds.
And Check With Your Attorneys.
Depending on your industry sector or jurisdiction, the company may be subject to compliance laws that require you to test your readiness regularly.
Image Source: Wikimedia Commons, courtesy of Cpl. Matthew Manning