We’ve all seen black and white World War II movies where someone detects an incoming threat. Everyone instantly goes to battle stations to start doing everything possible to immediately respond to the threat. Organizations need to take the same urgent posture with cyber threats; there is no time for an organizational planning meeting when a threat or attack is detected as imminent or in progress.
Planning, training, coordination and exercises all must be completed as part of the preparatory work. A well scripted plan must be rehearsed and ready to go at a moment’s notice, and cover all aspects of the organization’s response, not just the IT portion. Notifications, mobilizations, documentation, and assessment are only a few of the tasks that must be executed regardless of the time or day of the attack.