One of the most overlooked and underrated requirements of managing a good network is having a good incident response plan in place in case of a computer security breach. It's a fundamental human struggle to admit just how vulnerable our networks really are and what there is to lose. Once an incident occurs, the breached information is gone; it's forever deleted or residing on someone's mind or computer who shouldn't have it. And there's no way of getting it back.
This type of long-term business impact is why I continually stress the importance of having a good response plan. It won't necessarily prevent an attack, but having a plan will help stop the bleeding if an attack occurs, reducing the amount of information in harm's way.
There are six things you must do in order to prepare yourself, your network and your business for the inevitable security breach:
Plan for a security breach, step by step
Step 1: Define what "breach" means to your business
Step 2: Don't overlook critical network infrastructure systems
Step 3: Know who to contact and have that information available
Step 4: Develop a simple yet methodical set of response steps
Step 5: Get input from others affected by a security breach
Step 6: Keep your momentum going
About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well asThe Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at firstname.lastname@example.org>.
This was first published in March 2007