Hyperbole (love the word!) ….. I would be disappointed if my business leaders thought that my security team could not respond to a cyber incident. The linked article describes that business leaders do not feel their organisation could respond to a cyber incident.

So what is the problem?

• The article is not an accurate impression?
• Business leaders surveyed do not understand the problem?

Former or Latter I can not speak for, what I can say is that if your business leaders do not feel that the security team can respond to an incident then there is education missing.

I guarantee that almost all security teams in any organisation can respond to an incident and would (within their limitations) resolve it in the best way they could – this is called being human and being resourceful.

If you are a business leader feeling that your Security team would not be able to respond adequately, then ask them for their response plans and review with them, if they do not have them then ask them to create now – and then review after creation.

Response plans need to include:

• communications

• people

• process

• escalations

• vendor contacts

• confirmation process

• eradication steps

• recovery

• remediation

• review

• learnings

• updating plan – at the least.

If you want help with this then please let us know and we can help.