Best Practices: Cyber Incident Response Readiness

Complete risk assessments for executive review, operational process and third-party vendors
Review security best practices and validate your organization’s adoption or reasoning for not adopting
Audit your data and review your data stewardship practices including data lifecycle management
Complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc.)
Establish and regularly test an end-to-end incident response plan including empowering 24/7 first-responders
Establish/confirm relationships with data protection authorities, law enforcement and incident service providers
Review and establish forensic capabilities, procedures and resources (internal and third-party providers)
Develop communication strategies and tactics tailored by audience (e.g., messages to employees vs messaging to media vs notifications to customers)
Review remediation programs, alternatives and service providers
Implement ongoing employee training for incident response
Establish employee data security awareness and ongoing education on privacy, incident avoidance (password practices, how to recognize social engineering, etc.) and incident response
Understand regulatory requirements, including relevant international requirements

, Global,

Related Resources

Rebuilding Trust 4 December 2025

While often well-intentioned, policies requiring age checks create risks for people’s privacy, security, and access to an open Internet.

Rebuilding Trust 22 May 2024

Canadian Bill S-210 includes requirements that could disrupt essential functions of the Internet and ultimately harm Canadians’ security and...

Rebuilding Trust 10 October 2023

Learn about memory safety, memory-safe languages, common bugs and vulnerabilities, and the reasons for memory safe language adoption and...