Unsure of how to get started on your organisation's cyber resilient program? Contact us now
Microsoft Teams image

17 Nov 2022

Weekly Security Update with your Cybercrafters: Incident Response vs Incident Management

Are you a business owner who knows the difference between Incident Response and Incident Management.

Read more
Home Blog

Your business has just had a ransomware attack, and you’re not sure what to do or where to start. Then you go to Bob who has looked after your IT for the last 20 years. Which can be a good starting point, but then who does the communication with your staff? And to your clients? What are the protocols that are in place? Who is responsible for what when your business has a breach? These are all the aspects that Bob is not going to be handling, because IT will work with you on dealing with the technical elements of the incident but not the whole incident itself. So, Bob is your incident responder and therefore, it is crucial to make sure you have an ironclad incident management plan in place.

Then what is the difference between incident management and incident response? Incident response is the process of dealing with once a cyber incident happens, detecting, containing and recovering from the incident. This is where your IT guy or your CIO comes in and helps you deal with the fallout of an incident. Incident management is having a business plan (incident management playbook) in place to be prepared for a cyber incident. This includes understanding, and allocating roles and responsibilities within the organisation for when an incident does happen. This also includes having preplanned communications and who are the stakeholders that need to be informed, and when. This is to prepare for the worst, so that if the worst does happen you have an activation plan in place.

You might say, well yes that sounds important, but I have no budget. I have spent my IT budget already. The good thing about incident management is, that it is considered a business problem and not an IT problem. This means that the cost does not come from IT but from your business risks budget. So as there becomes a growing digital dependency this will intensify cyber threats. And cyber breaches are not a matter of if but when. So, it is really important to be prepared by having that incident management plan in place.

Share this article

More articles

Weekly Security Update with your Cybercrafters

17 Nov 2022

Weekly Security Update with your Cybercrafters

Cyber Security breaches have increased over the last few months. The danger with cyber breaches being frequently reported is that people become complacent. However, essential issues need to be considered. Does a cyber breach impact an organisation’s reputation? How does a cyber breach affect day-to-day business function as operations halt due to a ransomware attack?

Read more
Another cyber breach for the health sector in the Waikato region

17 Nov 2022

Another cyber breach for the health sector in the Waikato region

Pinnacle Midlands Health Network had a cyber incident on the 4th of October which has led to patients NHI number, addresses and names have been breached. The consequences can be dire, as vulnerable patients are yet again targeted in the Waikato region. What are some of the lessons you can take from this for your organisation?

Read more
Why should Boards say Yes to ISO 27001?

17 Nov 2022

Why should Boards say Yes to ISO 27001?

With data security breaches, ransomware and other malware attacks increasing, the ability organisations are challenged with what levels of organisation-wide cyber risk management are appropriate?

Read more