If someone was in your network, would you be able to tell?




The #1 question organizations need to ask themselves is “if someone was in our network, would we be able to tell?” An organization’s ability to answer that single, extremely important question makes all the difference between being able to respond to and recover from an incident quickly and cost-effectively vs. being notified by a user, or worse yet, by a federal agency, that something is amiss. Be honest with your answer; most organizations are unable to say “yes” to this question, and it rightfully keeps many information security professionals awake at night.

If you are uncertain how to go about preparing for and detecting an incident on your network, you are not alone. This list contains over 50 items that should be prepared ahead of time, in the following areas:

  • Configurations 
  • Logging 
  • Vendor Information 
  • Key Personnel
  • Detection Monitoring