Incident Response Priorities
Summary
This discussion highlights the importance of prioritizing responses to incidents, particularly in the context
of business continuity planning (BCP) and incident response. The host, Chad Kliewer, and special guest,
Daniel Hernandez, emphasize several key takeaways:
1. **Security Supports Business Operations:** Security exists to support business operations and ensure
their safe continuation. BCP aims to create actionable solutions to prepare for various threats that could
impact an organization, not only natural disasters but also pandemics, accidents, and more.
2. **Communication is Vital:** Effective communication during incidents is crucial. Clear communication
with stakeholders and affected parties is important, both for technical and non-technical individuals.
Timely and clear communication helps manage incidents effectively.
3. **Post-Incident Activities Matter:** Post-incident activities are essential for learning and
improvement. Analyzing incidents, understanding what went wrong, and identifying opportunities for
growth help enhance future incident response and overall security practices.
4. **Government Agencies and Trust Relationships:** For critical infrastructure organizations,
establishing trust relationships with government agencies such as CISA and the FBI is important. Having
documented contacts and processes ensures timely collaboration during critical incidents.
5. **Entry-Level Advice:** Entry-level individuals should not be discouraged. Information security is a
rewarding field, and continuous learning and mentorship can lead to growth and success.
Remember, security is about learning from incidents, improving processes, and adapting to new
challenges. Effective communication, documentation, and collaboration with relevant entities play a
significant role in ensuring business continuity and minimizing the impact of incidents.