Cyber Incident Response Plan (CIRP)
Techopedia Explains Cyber Incident Response Plan (CIRP)The philosophy behind creating a cyber incident response plan (CIRP) is that simply defending a digital perimeter is not enough. Consultants and experts urge companies to go beyond and develop a CIRP in order to know how to handle cybersecurity issues and attacks as they arise.
In other words, businesses should assume that cybersecurity events will occur and should determine how to do damage control. Security experts point out that the U.S. government and Department of Defense are already taking these precautionary measures and that corporations should follow suit.
Part of building an effective CIRP is to keep it up-to-date and consistent across all departments, for a kind of "all-hands-on-deck" response to a cyberincident. This helps provide better and more effective control when a cyberattack happens.
In terms of the components of a CIRP, businesses can use an existing NIST "incident taxonomy" to identify different kinds of attacks. They can identify high-stakes data to determine the correct way to address different kinds of situations that target parts of a corporate network. They can also look at "fail modes" or emergency meds for systems, which might involve creating simulations or models, or doing tests to check how their security operates in a real crisis. All of these help protect businesses from possible online attacks.
- Cybersecurity: The Big, Profitable Field Techies Are Overlooking
- How I Got Here: 12 Questions With Cybercrime-Fighter Gary Warner
- Security: Top Twitter Influencers to Follow
- The Truth About Cybersecurity
- Biometrics: New Advances Worth Paying Attention To
- The Biggest Ransomware Mistakes Businesses Are Making in 2020