What is it?
A comprehensive, step-by-step series of actions to be followed by an organization’s computer security incident response team (CSIRT) and business operations personnel following a verified cybersecurity incident to reduce the overall impact of the incident.
Why is it important?
When properly implemented, an incident response plan can help ensure an effective response to security incidents and help mitigate the effects of a potentially serious event. The presence of a well-rehearsed plan has proven to reduce the financial impact of security incidents.