What is incident response management and why do you need it?

No one is immune from cyber attacks, data breaches or other catastrophic disasters. The threat looms over all organisations, so they must always be prepared. How well you respond to a security incident can often mean the difference between a minor disruption and going out of business. 

Disruptions can occur in any number of ways and affect different parts of your organisation, so planning for disaster requires a great deal of flexibility. It’s not just a case of outlining a step-by-step process for various events – instead, organisations need to commit to an incident response management system. 

Effective incident management combines thorough planning with adaptability, enabling organisations to detect incidents promptly and respond appropriately. This allows them to mitigate the damage and reduce the delays and costs that come with disruptions. 

But incident management isn’t only good business sense, it’s also a requirement of the EU General Data Protection Regulation (GDPR) and the Network and Information Systems Regulations (NIS Regulations). 

The GDPR and the NIS Regulations 

Article 32 of the GDPR states that organisations must take necessary technical and organisational measures to ensure a high level of information security. This includes the need to implement an effective incident response plan to contain any damage in the event of a data breach and to prevent future incidents from occurring. 

This helps them comply with Article 33 of the Regulation, which requires organisations that suffer a breach that poses a risk to the rights and freedoms of individuals to contact their supervisory authority. The notification must be made within 72 hours of discovery, and should include as much detail about the breach as possible. It should also describe the measures taken, or proposed to be taken, to address the breach, including steps to mitigate possible adverse effects of the incident. 

Meanwhile, the NIS Regulations require organisations to produce: 

  • Detection processes and procedures, which should be regularly monitored to ensure that they are up to date and effective; 
  • Processes and policies for reporting vulnerabilities and security incidents; 
  • Procedures for documenting the response to cyber security incidents; and 
  • Incident analyses to assess an incident’s severity and collect information for the organisation’s continual improvement process. 

Become an incident response expert 

The introduction of the GDPR and the NIS Regulations means that organisations are under an increasingly heavy burden to find security experts. Breaches of either law could result in penalties of up to £17 million and although maximum fines will be reserved for only flagrant or repeat offenses, even moderate penalties could cause lasting damage. 

However, the gaping security skills gap – which reportedly affects 80% of all organisations – is making it hard to find qualified staff. As a result, those with the relevant skills are highly sought after, and are offered generous salaries and the opportunity for career progression. 

If you’re interested in gaining the skills to fill a vital role in GDPR and NIS Regulations compliance, you should consider enrolling on our Incident Response Management Foundation Training Course. 

This one-day course teaches you how to effectively manage and respond to disruptive incidents, and the appropriate steps to limit the damage caused by a disruption to network availability and information security. 

It also provides an introduction to developing an incident response programme according to the requirements of the GDPR and the NIS Regulations. 

Those who pass the course will gain the Certified Incident Response Management Foundation (CIRM F) qualification. 

Find out more >>