As of 2018, all 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands require private and government entities to notify individuals whose information was involved in a security breach. Due to these breach notification laws, it’s imperative that your organization has an incident response plan in place. It is this plan that will help your organization:

  • Guide responses to cybersecurity breaches.
  • Plan mitigation and containment more effectively.
  • Reduce the costs of mistakes made when reacting to a breach under pressure.

Partners in Regulatory Compliance (PIRC) incident response plan service follows the NIST SP 800-61 standard for computer security incident handling. The plan will be custom-designed around your people, processes, and technical environment and will include the following key elements.

  • Statement of management commitment
  • Purpose and objectives of the policy
  • Scope of the policy (to whom and to what it applies, and under what circumstances)
  • Definition of computer security incidents and related terms
  • Organizational structure and definition of roles, responsibilities, and levels of authority, including the authority of the incident response team to confiscate or disconnect equipment and to monitor suspicious activity
  • The requirements for reporting certain types of incidents
  • The requirements and guidelines for external communications and information sharing (e.g., what can be shared with whom, when, and over what channels)
  • The handoff and escalation points in the incident management process
  • Prioritization (severity) rating of incidents
  • Performance measures
  • Reporting and contact forms

We offer two options for your Cybersecurity Incident Response Plan (IRP) needs, including a FREE one.

  1. DO IT YOURSELF: FREE Cybersecurity Incident Response Plan (IRP) Word (.DOCX) template
  2. PAID ENGAGEMENT: Complete, consultative Cybersecurity Incident Response Plan engagement. PIRC will work with your organization to develop a comprehensive cybersecurity incident response framework. The framework will cover incident management from detection through reporting, including breach handling. The Cybersecurity Incident Response Plan (IRP) will include all of the key elements listed above, from the statement of management commitment through the reporting and contact forms.

Regulatory Compliance

The cybersecurity incident response plan developed in this project complies with the following regulations:

  • PCI Requirement 12.10
  • HIPAA Security Rule §164.308(a)(6)(i)
  • New York State Department of Financial Services 23 NYCRR 500 §500.16
  • Massachusetts 201 CMR 17.03(2)(j)
  • Gramm-Leach-Bliley Act §501(b)
  • Federal Trade Commission 16 CFR Part 314 §314.4(b)(3)

Deliverables

  • Soft copies of your custom incident response plan, delivered to your organization.
  • During the closeout meeting, your cybersecurity consultant will review the cybersecurity incident response plan with you to ensure accurate understanding and adequate knowledge transfer, and to give participants the opportunity to ask questions, ensuring a smooth handoff and a high level of comfort.