\u201cDear Network User,\u201d the email begins. \u201cWe regret to inform you that your MyCompany account has been suspended. Please follow the link below to update your account.\u201d It seems legitimate, your customer thinks. After all, \u201cMyCompany\u201d is the name of their organization. They click the link and\u2014just like that\u2014they\u2019ve opened the door for malware, allowing it to begin infiltrating the entire network.<\/p>\n
As a managed services provider (MSP), it\u2019s your responsibility to immediately jump into action. That means turning to your cybersecurity IT incident response plan to guide you through.<\/p>\n
An IT incident response plan is a documented process for dealing with a cyberattack. With the right plan in place, MSPs can quickly identify where a breach occurred, what systems were affected, and how they should respond to eradicate the malware.<\/p>\n
So why do you need an incident response plan? While a security-savvy company will rely on preventative practices\u2014updating their antivirus software, putting appropriate patches in place, or running daily backups\u2014to protect against a cyberattack, there is always a chance of an attack slipping through the cracks.<\/p>\n
According to recent reports<\/a>, the number of phishing attacks rose in the third quarter of 2019 to a level not seen since late 2016. What\u2019s more, a 2019 report found that 43% of all cyberattacks are targeted at small businesses<\/a>. These startling statistics make a strong case in favor of adopting a robust incident response plan that helps ensure MSPs know exactly how to proceed if their customers fall victim to a cyberattack.<\/p>\n The number of incident response steps included in an incident response plan can vary from company to company, but typically these plans <\/a>resemble some form of the following:<\/p>\n Having a secure, standard system for documenting all breach-related data (the who, what, when, where, and how) during an incident response process is crucial. These documentation systems empower MSPs and their customers to:<\/p>\n Better prepare for the future:<\/strong> By reviewing notes pertaining to what went wrong\u2014and what went right\u2014MSPs are armed with the insights they need to adjust their incident response plan accordingly. In most cases, certain steps are updated to better prepare for future attacks, while steps that proved their worth remain.<\/p>\n Remain compliant:<\/strong> Many MSPs deal with customers who have to comply with strict industry regulations. For example, any company that deals with the personal data of European Union residents must comply with the General Data Protection Regulation (GDPR) requirements. According to the GDPR, companies may be required to report a breach [if it is likely to put EU citizens\u2019 personal data at risk. As part of this reporting, companies must detail the nature of the breach, the likely consequences of the breach, and the measures taken or proposed to be taken to address the breach, among other key factors. Having this data already well documented will help facilitate the entire reporting process.<\/p>\nHow to create an incident response plan<\/strong><\/h2>\n
\n
IT documentation\u2014a crucial component of incident response<\/strong><\/h2>\n