Make Sure You Have a Clearly Defined Incident Response Policy
This defines key terms, establishes time frames and priorities for responding to incidents, and explains all roles and responsibilities. The incident response policy will help inform your incident response plan.
Provide Training for Everyone Involved in the Incident Response Plan
Internal and outsourced incident responders are important players, but don’t overlook security operations center personnel, IT support staff and end users when developing your playbook. Training for all parties on software, incident identification and reporting is critical.