Abstract
The formation of an incident response (IR) team and IR testing are the most significant actions an organisation can take to reduce the cost of a security breach, but organisations are often challenged to build the right IR team with the right outputs and outcomes decided — especially when IR itself needs an aggressive rethinking in an era of thousands of software-as-a-service (SaaS) applications in use by businesses. This paper will explore how to build the right IR team processes, key roles, tabletop exercises, protocols, executive management and other important considerations. It will highlight both hard and soft skills needed for successful IR, especially in the less-discussed but hugely important latter category, the need for expectations setting with leadership, and the right ways to convey vague and incomplete information in the early stages of IR and breach analysis by using actual cases from past experience.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call