Have an Internet Security Incident plan that is securely documented and kept offline in multiple hard copies. Make sure the plan is regularly discussed, updated and rehearsed by your key operations team.
The plan should include everything from equipment backup and build procedures through to a customer communications and media management plan. Just the act of creating a proper incident management plan and your staff being trained in its processes can save you thousands of dollars in downtime and confusion when an incident happens.
When you are making the plan, imagine what would happen in hollywood. Think of stuff that seems inconcevable like being in the media non stop for a fortnight and your customers being unable to contact you.
Work out how to handle these worst case scenarios in the most graceful and strategically positive way possible, document it and train your people. It often makes sense to have an external facilitator who can look at your plan from an outsiders perspective.
Now you’ve got your plan, what do you do with it? Does it sit on the shelf and gather dust? I hope not, it should become a part of your daily operations. Security is not an event, it is a culture which must be trained into your whole team.
I am a telco & internet entrepreneur, nerd wrangler and massive lover of bacon. I was involved in the investigation of and successful conviction of David Noel Cecil – “Evil, The NBN Hacker”.
This article is written from the experiences I had before, during and since the successful execution of Operation Damara. My experiences are from a telco perspective however they are just as applicable to corporate and government networks.
I currently work with several Australian Telco’s and IT businesses, developing Incident Response Plans and helping them ensure the ongoing continuity of their mission critical infrastructure.
If your organisation doesn’t have a strategy for dealing with internet security incidents, I would love to help you out!
Shoot me an email – email@example.com or grab me on Social Media for more information.