Learning From Experience: Five Actions to Take and Five Mistakes to Avoid When Testing a Breach Response Plan 

Cybersecurity has been an increasing corporate concern for years now and, as a result, most sophisticated entities have at least some form of an incident response plan in place. However, plans are unlikely to be worth the paper they are printed on (or the space they take up on a hard drive) if companies do not test those plans so that key incident response personnel understand the roles they will play, and the decisions they will face, in responding to an actual security incident. In a guest article, experienced tabletop exercise faciltiators Kim Peretti and Lou Denning, Alston & Bird partner and associate respectively, explain why it is critical for companies to test their plans using a simulated incident in a comfortable environment to see where improvements can be made before a real breach hits. They detail five key elements to consider and five pitfalls to avoid when testing a response plan. See also the Cybersecurity Law Report’s three-part guide to developing and implementing a successful cyber incident response plan: “From Data Mapping to Evaluation” (Apr. 27, 2016); “Seven Key Components” (May 11, 2016); and “Does Your Plan Work?” (May 25, 2016).

To read the full article

Continue reading your article with a CSLR subscription.