Darkreading recommended that an IR team should include “outside legal counsel that possess specialized experience in cybersecurity and data breach responses” and key stakeholders from all applicable areas of the organization, such as Legal, HR, Executive Management, PR/Communications, Information Technology”…as well as third party vendors. The June 7, 2016 report entitled “How To Prepare For A Data Breach” quoted Rocco Grillo (head of Cyber Resilance at Stroz Friedberg) who described these five strategies:

  1. Have an IRP in place and test it regularly
  2. Know your organization’s “critical assets” and where they are
  3. Solidify your Dream Team of incident responders now
  4. Invest in the human component of security
  5. Train end users on best security practices

Sound advice to help when the cyber intrusion is detected!