Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ManagementPhysicalAccess ManagementFire & Life SafetyIdentity ManagementPhysical Security

What it takes to create an impactful incident response program

By John Torres, Michael Reyes
Insights on Emergency Management
April 20, 2021

The last year has certainly shown businesses all around the world that they must be prepared for the unexpected. How they manage the unexpected is what separates those that sail through their challenges and those that let them significantly harm the institution. Being prepared starts with establishing an effective incident response program.

Why is incident response necessary?

Incident response is an organization’s systematic approach to managing an event or occurrence that may have a significant impact on operations via a human-induced threat (active assailant, terrorist attack, cyber compromise), a hybrid situation (pandemic, fire, power outage, industrial or transportation disaster), or a natural disaster (floods, earthquakes, tornadoes, wildfires, pandemics). The main concern for businesses is that relatively small incidents can escalate and become crises, an occurrence having or likely having a catastrophic impact on operations. Organizations typically seek to establish a robust incident response function to protect people, minimize damage to assets and operations, manage recovery costs, and resume operations as soon as possible.

One of the goals of an incident response plan is to prevent or mitigate the risk of an incident becoming a crisis. A well-exercised plan sets forth roles and responsibilities and instructs employees and business owners on immediate measures to protect people, assets, the environment, and the organization’s reputation. Planning for the worst from the start can often lead to more positive outcomes. To achieve optimal results, an effective incident response program should be straightforward and precise. Anyone reading the plan should be able to quickly determine what needs to be done, and who needs to do it. Then, we turn to using the tools we have at our disposal in the program.

Preparation, preparation, preparation!

Once an organization has created its incident response program, it must prepare to implement. As the old saying goes, “practice makes perfect.” During an incident, time is of the essence. Having a well-rehearsed plan helps organizations react quickly to limit further damage or disruption and save organizational resources. Much of the work in incident response is built upon preparedness. Preparing for an incident helps organizations react faster and often helps reduce the costs resulting from an incident.

Incidents come in all shapes and sizes. While we have certainly learned from the pandemic that an unforeseen incident can quickly become a crisis, an incident can also remain localized and not rise to the level of a crisis. For instance, an incident might take the form of a disgruntled customer assault over facemask mandates enforced at a small business. But even small businesses need to be prepared for much larger events. This is why security professionals encourage businesses to focus on prevention and preparedness measures as the best way to ensure corporate resilience.

Early detection is highly useful for organizations in mitigating major incidents. Certain incidents lend themselves well to early detection, such as major weather events that can be forecast. On the other hand, cyber breaches can be more difficult to detect. For perspective, it takes an average of approximately 200 days to detect a data breach. One of the most common mistakes businesses make is assuming their networks are secure. As technology has advanced, the need for security infrastructure to protect company assets has grown as well. Aging hardware and software in corporate networks can expose vulnerabilities, and a plan to keep these protections up to date is necessary when forming an incident response program. While we strive for early detection, once an incident occurs, having a viable response plan will limit the damage, expenses, and recovery time for the business, which are all critical to the success of the organization.

The critical aspects of an incident response program

There are several main aspects to keep in mind when creating a meaningful response program. Each one is critically important to an overall strategy.

  • Preparation and Training are key to effective incident response. This includes the creation of an incident response plan setting forth roles, responsibilities, and authorities, and conducting tabletop exercises for key team members and executives.
  • Detecting, Reporting and Documenting of security events will help alert management to potential security incidents that must be reported.
  • Pre-Selecting Third-Party Service Providers needed to respond to an incident to avoid taking valuable time and resources from the response effort. This includes lawyers, public relations/crisis communications firms, digital forensics/incident response professionals, etc.
  • Communication with both internal and external parties should be included in the plan, as well as information sharing and law enforcement liaison processes.
  • Analysis of collected data and trigger points can minimize the breach or intrusion.
  • Containment and Neutralization of an incident may be the difference between having a profitable year or sustaining major losses.
  • Post-Incident Activity Reviews will identify breakdowns in the plan, existing safeguards, or procedures. Lessons learned are an important step to preventing repeat incidents.

The plan should be revisited and reevaluated at least annually to ensure it remains up to date.  Having these critical functions in place within an organization’s incident response plan are the keys to a well-crafted strategy. By applying them effectively, a business can quickly and efficiently identify any potential incident and act before negative consequences occur.

In the security industry, we often focus on the concept of foreseeability. An organization that previously encountered a major incident or crisis has a foreseeability challenge in that if a similar situation emerges because proper measures were not put in place, it could be at more risk for significant losses. Oftentimes, the best preventative measure is having a plan in place. While you may not have a sixth sense for what’s coming, you can take a strong stand against potential incidents. The best prevention is preparation.

 

KEYWORDS: asset management emergency response incident response public safety

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

John Torres is President of Security & Technology Consulting at Guidepost Solutions.

Michael Reyes is Regional Vice President at Guidepost Solutions.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • crisis-management-plan-fp1170x658v26.jpg

    Incident response plan: 5 basic steps to consider

    See More
  • SEC1020-Cover-Feat-slide1_900px

    Corning takes unified approach to pandemic response

    See More
  • data-cyber-software-freepik

    Actionable tips to create a business cybersecurity plan

    See More

Related Products

See More Products
  • 9780367259044.jpg

    Understanding Homeland Security: Foundations of Security Policy

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing