
Incident Management

March 17, 2023 Posted by OCD Tech Cybersecurity, disaster recovery, vulnerability assessment

OCD Tech can test your security posture and provide you with the information needed to make appropriate decisions to mitigate risk and decrease exposure to these threats. In this article you will find CISA’s guide to crisis response.

Disruptions to an organization’s operations may occur regularly and can scale from so small that the impact is essentially negligible to so large that they could prevent an organization from achieving its mission. Events whose management may require significant resource investment include natural disasters, loss of a primary data center, a cyber attack that disrupts critical organizational infrastructure, or any event that affects the organization’s ability to deliver critical services. The goal of incident management is to mitigate the impact of a disruptive event.

CRISIS RESPONSE.

Limit Damage and Quicken Restoration of Normal Operations: Plan, prepare, and conduct drills for cyber-attacks and incidents as you would a fire or robbery. Make your reaction to cyber incidents or system outages an extension of your other business contingency plans. This involves having incident management, response plans and procedures, trained staff, assigned roles and responsibilities, and incident communications plans.

Responding to and recovering from a cyber attack:

  1. Lead development of an incident response and disaster recovery plan outlining roles and responsibilities. Test it often. Incident response plans and disaster recovery plans are crucial to information security, but they are separate plans. Incident response mainly focuses on information asset protection, while disaster recovery plans focus on business continuity. Once you develop a plan, test the plan using realistic simulations, where roles and responsibilities are assigned to the people who manage cyber incident responses. This ensures that your plan is effective and that you have the appropriate people involved in the plan. Disaster recovery plans minimize recovery time by efficiently recovering critical systems.
  2. Leverage business impact assessments to prioritize resources and identify which systems must be recovered first. Business impact analysis helps identify and prioritize critical systems, information, and assets. This information determines contingency requirements and priorities for critical information and services. It also allows planning for disruption impacts and identifies allowable outage times. This enables personnel to develop and prioritize recovery strategies that can be used.
  3. Learn who to call for help (e.g., outside partners, vendors, government/industry responders, technical advisors and law enforcement). As part of your incident response, disaster recovery, and business continuity planning efforts, identify and document partners you will call on to help. Consider building these relationships in advance and understand what is required to obtain support. You should also file a report with local law enforcement, so they have an official record of the incident.
  4. Leverage containment measures to limit the impact of cyber incidents when they occur. Communicate and execute your incident response plan; containment actions range from isolating a network segment of infected workstations or taking down production servers that were impacted to rerouting traffic to unaffected infrastructure. After the incident is resolved, test systems to ensure they are operational and configured securely. Communicate the damage done and the improvements applied to recovery planning and action to build trust and a culture of growth and resilience.
  5. Lead development of internal reporting structure to detect, communicate, and contain attacks. Effective communication plans focus on issues unique to security breaches. A standard reporting procedure will reduce confusion and conflicting information between leadership, the workforce, and stakeholders. Communication should be continuous, since most data breaches occur over a long period of time and not instantly.

Source: https://www.cisa.gov/sites/default/files/c3vp/crr_resources_guides/CRR_Resource_Guide-IM.pdf

https://www.cisa.gov/sites/default/files/publications/Cyber%20Essentials%20Toolkit%206%2020201113_508.pdf


About OCD Tech

We provide independent and objective assurance of your IT controls. Using industry recognized frameworks and best practices, we assess your company’s technology risks and evaluate existing controls for risk mitigation. Your business processes are constantly evolving. We ask you, are your IT controls keeping up?
