Shawn Tuma, profile picture
Uploaded byShawn Tuma
450 views

Cyber Incident Response Checklist

This checklist outlines the steps a company should take in response to a cyber incident. It includes determining if the incident warrants escalation, documenting decisions, mitigating any ongoing compromise, engaging legal counsel, activating an incident response plan, notifying relevant parties such as insurers and business partners, investigating the scope of data compromised, assessing legal obligations, determining if law enforcement or public notification is required, and implementing measures to prevent future breaches. The checklist emphasizes having an incident response plan in place before a breach occurs to facilitate a coordinated response.

Embed presentation

Downloaded 36 times
Spencer Fane LLP | spencerfane.com Cyber Incident Response Checklist n Determine whether incident justifies escalation n Begin documentation of decisions and actions n Begin mitigation of compromise n Engage experienced legal counsel to guide through process, determine privilege vs disclosure tracks n Activate Incident Response Plan and notify and convene Incident Response Team n Notify cyber insurance carrier n Notify affected business partners per contractual obligations n Engage forensics to mitigate continued harm, gather evidence, and investigate n Assess scope and nature of data compromised n Preliminarily determine legal obligations based on type of data and jurisdictions n Determine whether to notify law enforcement n Begin preparing public relations message n Engage notification / credit services vendor n Investigate whether data has been “breached” n Determine when notification “clock” started n Remediate and protect against future breaches n Confirm notification / remediation obligations n Determine proper remediation services n Assemble contact information for notifications n Prepare notification letters, frequently asked questions, and call centers n Plan and time notification “drop” n Implement public relations strategy n Administrative reporting (AGs, HHS, FTC, SEC) n Implement Cyber Risk Management Program Assess Cyber Risk Strategic Planning Deploy Defense Assets Develop, Implement & Train on P&P Tabletop Testing Reassess & Refine Cyber Risk Management Program “Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” – S.E.C. v. R.T. Jones Capital Equities Mgt.

More Related Content

PDF
Cyber Hygiene Checklist
byShawn Tuma
 
PDF
The Legal Case for Cyber Risk Management Programs and What They Should Include
byShawn Tuma
 
PPTX
Managing security risks in today's digital era
bySingtel
 
PDF
Lets talk data security
byNovosco
 
PDF
ICT Security: Defence strategies against targeted attack
byDaniele Bellavista
 
PPTX
Communicating cybersecurity
byJisc
 
PDF
Darryl T. Smith Resume (1)
byDarryl Smith, CISSP
 
PDF
Mastering next gen-siem-usecases-part1
byPriyanka Aash
 
Cyber Hygiene Checklist
byShawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
byShawn Tuma
 
Managing security risks in today's digital era
bySingtel
 
Lets talk data security
byNovosco
 
ICT Security: Defence strategies against targeted attack
byDaniele Bellavista
 
Communicating cybersecurity
byJisc
 
Darryl T. Smith Resume (1)
byDarryl Smith, CISSP
 
Mastering next gen-siem-usecases-part1
byPriyanka Aash
 

What's hot

PDF
Audit summary from security solutions and ovation tech
byMeg Weber
 
PPTX
IASA ey deck presentation
byKenneth Dorado, CISA, HCISPP
 
PDF
Top 6 Sources for Identifying Threat Actor TTPs
byRecorded Future
 
PDF
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
bySecurity Bootcamp
 
PDF
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
byTruShield Security Solutions
 
DOC
Updated Senior Cyber Intel security analyst
byTiffany Doby
 
PDF
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
byLaryssa Mereszczak
 
PDF
The Legal Case for Cyber Risk Management Programs and What They Should Include
byShawn Tuma
 
PPTX
Cybersecurity Fundamentals for Legal Professionals
byShawn Tuma
 
PDF
CV-SMB-infographic-small
byJeff Geissler
 
PDF
Global Ransomware Attacks
byEmily Brown
 
PPTX
Multimedia content security in file based environments - sami guirguis
bysamis
 
PPTX
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
byStanton Viaduc
 
PPTX
Saner 2.0
bySecPod Technologies
 
PDF
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
bySaraPia5
 
Audit summary from security solutions and ovation tech
byMeg Weber
 
IASA ey deck presentation
byKenneth Dorado, CISA, HCISPP
 
Top 6 Sources for Identifying Threat Actor TTPs
byRecorded Future
 
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
bySecurity Bootcamp
 
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
byTruShield Security Solutions
 
Updated Senior Cyber Intel security analyst
byTiffany Doby
 
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
byLaryssa Mereszczak
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
byShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals
byShawn Tuma
 
CV-SMB-infographic-small
byJeff Geissler
 
Global Ransomware Attacks
byEmily Brown
 
Multimedia content security in file based environments - sami guirguis
bysamis
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
byStanton Viaduc
 
Saner 2.0
bySecPod Technologies
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
bySaraPia5
 

Similar to Cyber Incident Response Checklist

PDF
Real World Cyber Risk. Understand it. Manage it.
byShawn Tuma
 
PDF
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
PDF
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
byShawn Tuma
 
PPTX
Purple Gradient Illustration Cyber Security Presentation (1).pptx
byadnanhanif190b
 
PDF
Cybersecurity Incident Response Planning.pdf
byCiente
 
PDF
Cybersecurity: Cyber Risk Management for Lawyers and Clients
byShawn Tuma
 
PPTX
What to do when get hacked or suffer a cyber breach
byEast Midlands Cyber Security Forum
 
PPTX
HEMISPHERE SMB Case Study
byCarter Schoenberg
 
PDF
Cyber Incident Response View - Aeren LPO.
byAeren LPO
 
PPTX
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
byCashmir Pangandaman
 
PDF
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
PPTX
Cyber Incident Response Review & Data Breach Management – AerenLPO
byAeren LPO
 
DOCX
Cyber+Capability+Toolkit+-+Cyber+Incident+Response+-+Cyber+Incident+Response+...
byMaoTseTungBritoSilva1
 
PDF
What to Do Before a Cyber Incident Occurs
byColleen Beck-Domanico
 
PDF
Department of Homeland Security Guidance
byMeg Weber
 
PDF
DHS Guidelines
byMeg Weber
 
PDF
Cyber Security 101: What Your Agency Needs to Know
bySandra Fathi
 
PPTX
Cybersecurity Crisis Management Introduction
byNaor Penso
 
PPT
cyber security incident exercises TTX .ppt
byZharfanHanif
 
PDF
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
byShawn Tuma
 
Real World Cyber Risk. Understand it. Manage it.
byShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
byShawn Tuma
 
Purple Gradient Illustration Cyber Security Presentation (1).pptx
byadnanhanif190b
 
Cybersecurity Incident Response Planning.pdf
byCiente
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
byShawn Tuma
 
What to do when get hacked or suffer a cyber breach
byEast Midlands Cyber Security Forum
 
HEMISPHERE SMB Case Study
byCarter Schoenberg
 
Cyber Incident Response View - Aeren LPO.
byAeren LPO
 
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
byCashmir Pangandaman
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
Cyber Incident Response Review & Data Breach Management – AerenLPO
byAeren LPO
 
Cyber+Capability+Toolkit+-+Cyber+Incident+Response+-+Cyber+Incident+Response+...
byMaoTseTungBritoSilva1
 
What to Do Before a Cyber Incident Occurs
byColleen Beck-Domanico
 
Department of Homeland Security Guidance
byMeg Weber
 
DHS Guidelines
byMeg Weber
 
Cyber Security 101: What Your Agency Needs to Know
bySandra Fathi
 
Cybersecurity Crisis Management Introduction
byNaor Penso
 
cyber security incident exercises TTX .ppt
byZharfanHanif
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
byShawn Tuma
 

More from Shawn Tuma

PDF
The Dark Side of Digital Engagement
byShawn Tuma
 
PDF
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
byShawn Tuma
 
PDF
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
byShawn Tuma
 
PPTX
The Role of Contracts in Privacy, Cybersecurity, and Data Breach
byShawn Tuma
 
PDF
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
PDF
Lawyers' Ethical Obligations for Cybersecurity
byShawn Tuma
 
PDF
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
byShawn Tuma
 
PPT
Something is Phishy: Cyber Scams and How to Avoid Them
byShawn Tuma
 
PPTX
Cybersecurity Fundamentals for Legal Professionals (and every other business)
byShawn Tuma
 
PPTX
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
byShawn Tuma
 
PDF
Cybersecurity Update
byShawn Tuma
 
PDF
Effective cybersecurity for small and midsize businesses
byShawn Tuma
 
PDF
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
byShawn Tuma
 
PPTX
"What Could Go Wrong?" - We're Glad You Asked!
byShawn Tuma
 
PDF
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
byShawn Tuma
 
PDF
Cybersecurity: How to Protect Your Firm from a Cyber Attack
byShawn Tuma
 
PDF
Recovering from a Cyber Attack
byShawn Tuma
 
PPTX
Contracting for Better Cybersecurity
byShawn Tuma
 
PPTX
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
byShawn Tuma
 
PPTX
The Essentials of Cyber Insurance: A Panel of Industry Experts
byShawn Tuma
 
The Dark Side of Digital Engagement
byShawn Tuma
 
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
byShawn Tuma
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
byShawn Tuma
 
The Role of Contracts in Privacy, Cybersecurity, and Data Breach
byShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
Lawyers' Ethical Obligations for Cybersecurity
byShawn Tuma
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
byShawn Tuma
 
Something is Phishy: Cyber Scams and How to Avoid Them
byShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
byShawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
byShawn Tuma
 
Cybersecurity Update
byShawn Tuma
 
Effective cybersecurity for small and midsize businesses
byShawn Tuma
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
byShawn Tuma
 
"What Could Go Wrong?" - We're Glad You Asked!
byShawn Tuma
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
byShawn Tuma
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
byShawn Tuma
 
Recovering from a Cyber Attack
byShawn Tuma
 
Contracting for Better Cybersecurity
byShawn Tuma
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
byShawn Tuma
 
The Essentials of Cyber Insurance: A Panel of Industry Experts
byShawn Tuma
 

Recently uploaded

PDF
30988_2019_3_29_58213_Order_03-Jan-2025.pdf
bysabranghindi
 
PPTX
2025 RACCS, RA 6713 and Liabilities.pptx
byMichaelCleofasAsuten
 
PDF
19th BJS Preparation Series-Consent and Free Consent in Contract Law.pdf
by Judge Nazmul Hasan.
 
PDF
30988_2019_2_20_64213_Order_15-Sep-2025.pdf
bysabranghindi
 
PDF
David Davis Lawyer - Serves On The Ben Gurion University Board
byDavid Davis Lawyer
 
PDF
INDUSTRIAL RELATIONS AND LABOUR LAWS.pptx.pdf
byEcShanthinipraba
 
PDF
For-Website-260107-CJP-complaint-to-Zee-News-Channel-Debate-on-Hindu-Lynching...
bysabranghindi
 
PDF
FY2027 H-1B Visa Predictions: What Are Your Chances of Being Selected?
byVisaPro Immigration Services LLC
 
PDF
260119-ED-251024-Attacks-on-dalits-Links-1.pdf
bysabranghindi
 
PDF
Paper on- Children in conflict with laws and its Causative factor
byShanta Bhandari
 
PDF
Free FY2027 H1 Visa Timeline Template - Download Now
byVisaPro Immigration Services LLC
 
PPTX
Advancement in Legal Translation presentation.pptx
bygourivb
 
PPT
Decision Making - it's theory&approaches
byShanta Bhandari
 
PDF
30988_2019_3_10_61151_Order_24-Apr-2025.pdf
bysabranghindi
 
PDF
A Brief Introduction About Suneet Sandhu Atlanta GA
bySuneet Sandhu Atlanta GA
 
PDF
FY2027 H1B Cap Filing Secrets: Why You Should Plan Now?
byVisaPro Immigration Services LLC
 
PDF
BJS Excellence: The FIR Protocols-by Judge Nazmul Hasan.pdf
by Judge Nazmul Hasan.
 
PDF
Jan-29-SC-stays-ugc-regulations.pdf regulations
bysabranghindi
 
PDF
Meetings between Go X and Federal Agencies
byrusomafioso1
 
PDF
FY2027 H-1B Cap Filing Mistakes: How To Avoid Them?
byVisaPro Immigration Services LLC
 
30988_2019_3_29_58213_Order_03-Jan-2025.pdf
bysabranghindi
 
2025 RACCS, RA 6713 and Liabilities.pptx
byMichaelCleofasAsuten
 
19th BJS Preparation Series-Consent and Free Consent in Contract Law.pdf
by Judge Nazmul Hasan.
 
30988_2019_2_20_64213_Order_15-Sep-2025.pdf
bysabranghindi
 
David Davis Lawyer - Serves On The Ben Gurion University Board
byDavid Davis Lawyer
 
INDUSTRIAL RELATIONS AND LABOUR LAWS.pptx.pdf
byEcShanthinipraba
 
For-Website-260107-CJP-complaint-to-Zee-News-Channel-Debate-on-Hindu-Lynching...
bysabranghindi
 
FY2027 H-1B Visa Predictions: What Are Your Chances of Being Selected?
byVisaPro Immigration Services LLC
 
260119-ED-251024-Attacks-on-dalits-Links-1.pdf
bysabranghindi
 
Paper on- Children in conflict with laws and its Causative factor
byShanta Bhandari
 
Free FY2027 H1 Visa Timeline Template - Download Now
byVisaPro Immigration Services LLC
 
Advancement in Legal Translation presentation.pptx
bygourivb
 
Decision Making - it's theory&approaches
byShanta Bhandari
 
30988_2019_3_10_61151_Order_24-Apr-2025.pdf
bysabranghindi
 
A Brief Introduction About Suneet Sandhu Atlanta GA
bySuneet Sandhu Atlanta GA
 
FY2027 H1B Cap Filing Secrets: Why You Should Plan Now?
byVisaPro Immigration Services LLC
 
BJS Excellence: The FIR Protocols-by Judge Nazmul Hasan.pdf
by Judge Nazmul Hasan.
 
Jan-29-SC-stays-ugc-regulations.pdf regulations
bysabranghindi
 
Meetings between Go X and Federal Agencies
byrusomafioso1
 
FY2027 H-1B Cap Filing Mistakes: How To Avoid Them?
byVisaPro Immigration Services LLC
 

Cyber Incident Response Checklist

  • 1.
    Spencer Fane LLP| spencerfane.com Cyber Incident Response Checklist n Determine whether incident justifies escalation n Begin documentation of decisions and actions n Begin mitigation of compromise n Engage experienced legal counsel to guide through process, determine privilege vs disclosure tracks n Activate Incident Response Plan and notify and convene Incident Response Team n Notify cyber insurance carrier n Notify affected business partners per contractual obligations n Engage forensics to mitigate continued harm, gather evidence, and investigate n Assess scope and nature of data compromised n Preliminarily determine legal obligations based on type of data and jurisdictions n Determine whether to notify law enforcement n Begin preparing public relations message n Engage notification / credit services vendor n Investigate whether data has been “breached” n Determine when notification “clock” started n Remediate and protect against future breaches n Confirm notification / remediation obligations n Determine proper remediation services n Assemble contact information for notifications n Prepare notification letters, frequently asked questions, and call centers n Plan and time notification “drop” n Implement public relations strategy n Administrative reporting (AGs, HHS, FTC, SEC) n Implement Cyber Risk Management Program Assess Cyber Risk Strategic Planning Deploy Defense Assets Develop, Implement & Train on P&P Tabletop Testing Reassess & Refine Cyber Risk Management Program “Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” – S.E.C. v. R.T. Jones Capital Equities Mgt.