Vizium360® > Cybersecurity  > 5 Ways to Update Your Healthcare Incident Response Plan
5 Ways

5 Ways to Update Your Healthcare Incident Response Plan

Topic: 5 Ways to Update Your Healthcare Incident Response Plan

Cybersecurity response plans often become outdated, which can hamper the effectiveness of your team’s response.

Quick, find a copy of your healthcare organization’s cybersecurity incident response plan. Pull that binder off the shelf or call up an electronic copy. OK, now that you have it, let me ask you a few questions.

How long did it take you to find it? Did you have to dust off the physical binder? When was the digital copy last accessed? And, most important, if you were about to launch into an incident response effort right now, how confident would you be with that plan by your side?

If that quick exercise left you with an uneasy feeling in the pit of your stomach, you’re not alone. Many organizations have outdated incident response plans that haven’t been opened in months or years.

Now would be a great time to revisit your plan and make sure it’s ready to meet your needs based on your current operating environment and the modern threat landscape.

Plan Ahead to Prevent Chaos During Emergencies

Incident response plans are often first created to “check a box.” It’s not unusual for organizations to rush to quickly document their plan right before an audit or another type of review.

Whatever the impetus, technology leaders often pull together the first version of an incident response plan in a hurry to meet a deadline and then put it back on the shelf to gather physical or virtual dust.

That approach doesn’t do anyone any good. It might fulfill the immediate requirement, but the plan certainly isn’t a useful tool to help guide cybersecurity incident response efforts.

A well-designed incident response plan serves a much more important purpose. Such plans, when crafted properly, bring the calm, collected environment of the planning room into the chaos of a security incident. Let’s talk about five things that you can look for as you seek to revitalize your organization’s incident response plan.

1. Identify Your Critical Systems and Information

One of the most important components of an incident response plan is a list of the systems and information critical to business operations. This asset list serves as an important tool to prioritize incident response efforts, strengthening protections around those systems and restoring them first in the event of a service disruption.

Operational circumstances change over time, and it’s unreasonable to assume that the critical asset inventory that you developed when you first wrote your response plan is still valid today.

As you update your incident response plan, take the time to validate this list and determine whether your current environment, related to both patient care and business operations, warrants adding or removing items from the inventory.

Topic Discussed: 5 Ways to Update Your Healthcare Incident Response Plan

Read Original Article