Developing an Effective Incident Response PlanCrowdStrike’s Mark Goudie on Why Plans Must Be Tailor-Made and Frequently Tested
An incidence response plan is worthless unless it's customized to meet an organization's needs and tested on a regular basis, says Mark Goudie, regional director services, APJ, at CrowdStrike.
“I have reviewed a number of companies for their incident response plans," he says. "Not every incident response plan is the same. A bank would have a different incident response plan compared to an online trading company. You can’t blindly replicate an incident response plan from another industry just because it proved successful there."
In a video interview with Information Security Media Group, Goudi also discusses why:
- Some incident response plans are ineffective;
- Testing and revising a plan is essential;
- Key elements must be included.
Goudie is regional director services, APJ at CrowdStrike. He has more than two decades of experience as a programmer, security manager, network engineer, penetration tester and incident responder in companies around the world. He leads a team of experts that help respond to incidents.