Cyber Incident Response Plan

What Does Cyber Incident Response Plan Mean?

A cyber incident response plan (CIRP) is a comprehensive plan for tackling eventual cyberthreats and cyberattacks. Businesses make use of this plan to be proactive about cybersecurity and minimize the damage from viruses, hacker activities and more.


Techopedia Explains Cyber Incident Response Plan

The philosophy behind creating a cyber incident response plan (CIRP) is that simply defending a digital perimeter is not enough. Consultants and experts urge companies to go beyond and develop a CIRP in order to know how to handle cybersecurity issues and attacks as they arise.

In other words, businesses should assume that cybersecurity events will occur and should determine how to do damage control. Security experts point out that the U.S. government and Department of Defense are already taking these precautionary measures and that corporations should follow suit.

Part of building an effective CIRP is to keep it up-to-date and consistent across all departments, for a kind of "all-hands-on-deck" response to a cyberincident. This helps provide better and more effective control when a cyberattack happens.

In terms of the components of a CIRP, businesses can use an existing NIST "incident taxonomy" to identify different kinds of attacks. They can identify high-stakes data to determine the correct way to address different kinds of situations that target parts of a corporate network. They can also look at "fail modes" or emergency meds for systems, which might involve creating simulations or models, or doing tests to check how their security operates in a real crisis. All of these help protect businesses from possible online attacks.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…