AdobeStock 88260424

The Need for An Incident Response Plan

In today’s world, Cyber threats and attacks are progressively becoming the norm. There is not one business or entity that is immune from them. It seems like no matter how much an organization does to fortify its defense perimeters; the Cyber attacker will find a way to circumvent it and inflict whatever possible damage that they can.

Consider some of these statistics:

  • Over 70% of business entities have reported that they have been a victim of a major Cyber-attack in just the past 12 months;
  • The automotive industry reported a 32% increase in detected incidents;
  • There was a 60% increase in Security breaches in the healthcare sector alone;
  • There was an astounding 527% increase in Cyber related incidents in the power and utility industry.
  • The average cost of a single corporate data breach reached $3.5 million, an increase of 15%;
  • Each record that is hijacked or stolen from a database costs a business on average $145.10.

These statistics further substantiate the fact that Cyber-attacks can occur in any industry as well.

The unfortunate truth is that many Cyber-attacks are so covert that they can often go unnoticed for a long period time.  Thus, this is where Incident Response becomes absolutely critical.  It can be specifically defined as follows:

“The process by which an organization handles a data breach or Cyber-attack, including the way the organization attempts to manage the consequences of the attack or the breach.  The goal is to effectively manage the incident so that the damage is limited in recovery time, costs, and brand reputation”.  (SOURCE:  1).

However, responding to an incident as soon as it has been discovered becomes absolutely crucial.  The above definition states that a process must be implemented, but it must be a defined and orderly one.

For example, there must be a clear line of communication, as well as specific roles and duties that are assigned to each member of the IR team. There must be a mechanism put into place which allows the IR team members to report back as to what they have discovered.  From there, the next action items can be quickly determined and enacted upon.

In other words, the IR process must detail how to handle just about any kind of Cyber-attack.  This process must be viewed as an emergency plan in order to increase the chances that a business entity will be able to resume normal operations in a quick and efficient manner.  This process can be diagrammed as follows:

  1. Identify the incident
  2. Respond to the incident in a timely manner
  3. Assess/Analyze the severity of the incident
  4. Notify the relevant parties about the incident
  5. Take appropriate measures to pretect sensitive data
  6. Prepare for quick business recovery in the wake of damage caused

Whenever an organization is hit by a Cyberattack, there is often a knee jerk reaction by the IT staff to immediately shut down the entire IT infrastructure in order to mitigate the threat. But this is a very risky proposition and can actually do more harm than good.  We will examine the pros and cons of this approach in our next blog.

Executive Summary

This is a white paper that focuses upon the importance of timely Incident Response and Communications when a business has been impacted by a Cyber-attack.  The topics covered as follows:

  • The Need for An Incident Response Plan;
  • The Risks and the Needs Associated of Going Offline;
  • The Benefits and the Needs for Fast Time to Detect and Time to Respond Periods;
  • The Importance of Communications in Incident Response;
  • The Incident Response Communications (Crisis Communications) Plan;
  • How to Report a Security Incident to Internal Stakeholders;
  • How to Report a Security Incident to External Stakeholders;


1)    Digital Guardian. (n.d.). Retrieved from

31 thoughts on “Need for Incident Response Plan – Part 1

  1. Incident Response has become an important part of IT support. Mitigating damage and losses after a cyber attack is absolutely important.

  2. It’s a really good thing that one of the IT services provided by Be Structured is IR. A lot of companies will find this service useful.

  3. I foresee a future in which incident response will be the most sought after service when it comes to IT Outsourcing. This is hugely due to the exponentially increased cyber attacks.

  4. More corporations need to incorporate IR into their structure after some proper IT consulting. It may help them save millions in future.

  5. This is why a good IT Service is vital. Not just in these parts but globally. It a digital age now and the world is transitioning into it bit by bit.

  6. This is such a wake up call for any respectable computer company. These kinds of cyber threats are not to be taken lightly. A good incident response plan should be created to be prepared against any such kind of attack.

  7. Companies that need some IT support against cyber attack should take advantage of Bestructured technology., So has to be able to make a swift response to any attack.

  8. Cyber attack is really a huge problem companies face..hence the need for ICR to combat this problem…Los Angeles IT Consulting is needed to prevent this cyber attacks..

  9. I’m glad there’s IT Support readily available in case of a cyber attack. 70% of businesses reporting this issue in the past year is a crazy number. I like how the severity of the threat dictates the fastest response.

  10. This Los Angeles IT Consulting company is doing work to curb this crime and threat to company. I hope companies that needs your consultations get to know about this on time.

  11. Thanks to bestructured for the incident reporting and i will also suggest if they can include training of organizational staff on cyber and system security

  12. IT Support needs to step up in times like this. It can be very scary when it happens. I hope nothing serious would happen in the future.

  13. These statistics are shocking, that over 70% of businesses are victims of cyber attacks. That’s why we need Be Structured as its one of the best in Los Angeles IT Outsourcing.

  14. IT Outsourcing is the next big thing .Due to rising cases of cybercrime because one would have to get pre-alerts on incidents and response on time.

  15. Any kind of cyber attack is potentially harmful to any business entity. IT services mainly depend on sensitive data. Thus, any theft could break a business.

  16. We are living in a world full of cyber attacks, and you would never know if you are safe. It’s important to have a company that offers this IT support.

  17. I really think that a good IT consulting company is needed to have a better program against security breech. Government institutions even hire IT guys from allover just to have their data protected.

  18. Sounds like an elite system for preventing cyber attacks. Identification and assessment are key tools for legitimate IT Services. Thanks for spreading the word.

  19. Small companies that cannot afford an in-house incident response plan should do it through IT outsourcing. It is always worth it in the long run.

  20. Before adopting an incident response plan proper IT consulting should be done. It is a very delicate process.

  21. It’s welcome news that incident response plans are one of the IT services offered by Be Structured. No need to look any further 🙂

  22. Be Structured leads the way as a Los Angeles MSP that provides such vital services as an incident response plan. Thanks for looking out for our businesses.

  23. A response plan these days are needed more than ever. For one as we continue to usher into the digital age security breach on any system is now a real threat. Even home systems have AV for that. How much more for an established company.

  24. Bestructued gives the best of Los Angeles IT Support and there’s always a quick response for all emergencies. Anyone that needs the services should just call on that for a quick resolution.

  25. It’s a really good thing that BeStructured provided IT services which includes IR. Some companies will find this service very productive and helpful.

  26. Be Structured sounds like the elite defense for any kind of security breach. Since they can be so costly for any business, it’s important to have a protected database.

  27. I still want to recommend this Los Angeles IT Services to both new and existing businesses to take advantage of it t and get their information and data well secured and be sure to still having their database around for a long time

Leave a Reply

Your email address will not be published. Required fields are marked *