Incident response
Example: After a card-skimming scare, a neighborhood bistro is glad it wrote a one-page incident-response plan in advance, so the manager calls the lawyer, POS vendor, and bank in order instead of losing the first day deciding who to phone.
IR plan, breach response
A pre-decided plan for what you do in the first 24 hours of a data breach: who do you call, what do you change, what do you tell whom. Most operators don't have one. Most operators who get breached spend the first 24 hours figuring out the plan instead of executing it.
Why it matters
A small-business incident-response plan is one page: lawyer (yes, before you call anyone else), POS vendor, payroll vendor, bank, cyber-insurance carrier (if you have one), affected customers (under your state’s notification timeline). Write it now, store it in two places, hope you never use it.
The 4-tier framework at /security/#four-tiers tells you which data needs to be in the IR plan.
Frequently asked
What is incident response?
Incident response is a pre-decided plan for what you do in the first 24 hours of a data breach: who do you call, what do you change, what do you tell whom. Most operators don't have one. Most operators who get breached spend the first 24 hours figuring out the plan instead of executing it.
Why does incident response matter for a restaurant?
A small-business incident-response plan is one page: lawyer (yes, before you call anyone else), POS vendor, payroll vendor, bank, cyber-insurance carrier (if you have one), affected customers (under your state’s notification timeline). Write it now, store it in two places, hope you never use it.
Browse all
149 terms.
Plain-English definitions for every term in your audit, organized by category.