Did you know that the GuardSight team publishes a free and open-source Incident Response Plan (IRP)?

Here’s what it is all about: Many organizations GuardSight gets called into to help with Incident Response (IR) or Cybersecurity Operations (SECOPS) do not have a formal IRP. Fundamental elements such as roles, taxonomies, severity ratings, tactics, techniques & procedures, log retention, evidence collection and chain of custody, after-action reports, contracts with 3rd party service providers, law enforcement connections, insurance, and legal advisory are not defined, are not at the ready, or do not exist.

To help our partners and customers be better prepared to respond to a successful cyber attack and to give back to the worldwide community, GuardSight published an abstracted version of the IRP it uses to achieve compliance standards such as NIST 800-171 and SOC2. The IRP intends to help responders with the tactical aspects of incident response and create a potent response. The IRP, including a Table-Top Exercise (TTX) framework, can be found on our GitHub.

What does this mean for you as someone already utilizing or considering purchasing one of the GuardSight SECOPS protection packages? It means creating culture of response readiness, reducing dwell time, turning dysfunction into function, and improving your cyber readiness posture.