Incident Response

Last updated on June 5, 2024

Description

Incident response (or cybersecurity incident response) refers to an organization’s processes and technologies for preventing, detecting, and, responding to cyberthreats, security breaches or cyberattacks. A formal incident response plan assists an organisation in planning for a cyber event by identifying general roles, responsibilities, communications, actions and responses ahead of an actual cyber-event.

Outcomes

Ability to manage active cyberattacks.
Defined procedures, roles, and responsibilities to manage security incidents and breaches.
Improved incident response time.
Informed and tested incident response procedures.
Ability to identify and contain intruders in their system.

Resources

Cybersecurity Incident Response Process
A breakdown of the incident response process using the SANS PICERL incident response model.

Incident Response Plan Template
An template designed to support an organized response to security incidents.

Developing Your Incident Response Plan
Your incident response plan includes the processes, procedures, and documentation related to how your organization detects, responds to, and recovers from incidents.

Cybersecurity Alerts
Cybersecurity alerts provide timely information about current security issues, vulnerabilities, and threats.

SIRT Terms of Reference
Terms of Reference document created for Security Incident Response Teams.

_{Download all Resources (.zip)}

Did you find what you were looking for?

The B.C. Public Service acknowledges the territories of First Nations around B.C. and is grateful to carry out our work on these lands. We acknowledge the rights, interests, priorities, and concerns of all Indigenous Peoples - First Nations, Métis, and Inuit - respecting and acknowledging their distinct cultures, histories, rights, laws, and governments.

More topics

Incident Response

Description

Outcomes

Resources