What Do You Mean By Incident Response?
If you ask businesses what their Incident Response Plan looks like they’ll reply “My IT guy sorts that stuff out”. This misconception is usually due to them having someone handle their IT, so the assumption is that one is in place.
Incident Response and Business Continuity, What does it even mean?
An Incident Response Plan is a written document encompassing procedures of what needs to get done, who needs to be notified, and what’s vital. It is a roadmap designed to respond efficiently and effectively against possible events. It can either be from a cybersecurity incident or any unforeseen circumstances.
As the name suggests, a Business Continuity Plan is a plan to make a business resume operation as a disaster happens and as it finishes. A perfect example of a Business Continuity Plan would be what we saw in the past couple of years with COVID-19.
Also, when it comes to these two incident response plans, business people think only a hacker would take their business down. But this is far from the truth. A natural disaster could shut down specific critical infrastructure; an insider threat could come into your organisation and steal data as they near the end of employment, or day by day, taking a piece at a time.
A perfect example of this was Box Hill and Angliss Hospitals in Victoria. Although only down for several hours, the hospitals had to declare a code yellow emergency. That meant some surgeries had to be canceled and were only allowed to be operated on if the surgeon knew the patients. It is unclear whether it was a cyber incident. Luckily, there was an incident response plan in place for them to resume business operations swiftly.
So how could this affect me?
For every problem you have ever faced running a business, how much easier was it to overcome that challenge with a proper plan?
The fact is that no matter what issue comes up, a roadmap makes fixing a problem more streamlined, with a smaller margin for errors.
If you feel that something terrible happened and your first instinct would be to “call my IT guy”, it might be a good idea to head over to our cybersecurity page to see how we can help you.
SOURCES:
Melbourne hospitals: Eastern Health hit by IT outage, calls code yellow (theage.com.au)
Leave a Reply