The importance of organizational incident response plans
There have been several painful lessons in the recent past that can be used to show why organizations ought to take IR seriously. In 2013, Target was a victim to several repeated, and increasingly severe, attacks. This was attributed to the organization's ineffective internal security structure and poor IR management. Similarly, Equifax fell victim to poor publicity and damaged its brand for failing to share information about its 2017 attack with the public. As can be seen, even very high-profile companies can be victims of poor IR protocols and the same fate can befall SMEs. Some of the key reasons why organizations should develop effective IR plans are detailed in the following sections.
Protecting data
There has been a spike in the listings of stolen data on black market sites. Estimates show that a single database with 1 million users can go for as little as USD 2000. In February 2019, an unknown individual...
