Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack. It is sometimes referred to as an IT incident, computer incident or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

It can be argued that the dramatic increase in cyberattacks in recent years, the variety, notoriety and the severity of impacts warrant a revisit of incident response strategies and technologies.

According to a report by Red Canary, 49% of organisations surveyed are not equipped to meet cybersecurity challenges, while 54% are wasting valuable time investigating low-level alerts and slowing down the incident response process.

Joining us today on PodChats for FutureCISO is Pei Yuen Wong, chief technology officer at IBM Security ASEANZK, to talk in greater detail about futureproofing enterprise incident response strategies.

1.       What is Enterprise Incident Response (EIR)?

2.       How has it changed (or not) between 2020 and today?

3.       Given the increased cyber threats, should enterprise incident response strategies be updated to reflect this new reality? 

4.       In lieu of this, should a new team be created to focus squarely on cyber risks or would updating the overall EIR be sufficient?

5.       What should be the composition of a post-COVID cybersecurity incident response plan (CSIRP)? (cover both the people, process, and technology elements)

6.       In general, where are the blind spots of many EIR or CSIRP?

7.       What do you see will be critical issues that CISOs and leadership must tackle to ensure organisation’s EIR/CSIRP are ready and able to stand up to the challenges ahead?