What is the most overlooked step in a cybersecurity plan?

3.3k views1 Upvote8 Comments

Head of Information and Data Analytics in Software, 5,001 - 10,000 employees
No matter what you do, how many of our data we're going to invest, there could be certain things penetrating that perimeter. When that does happen, what kind of incident response plan is in place? What are you going to do about it?
CEO and Co-Founder in Software, 51 - 200 employees
Response is a very important thing that a lot of people don't pay attention to. Everybody assumes a lot of things will happen and things will fall in line. I think last year was a perfect year. How hard it was for even really large entities who have a lot of money to even put a response plan together. If 2020 is any lesson for human life, it's definitely one for cybersecurity. This year is going to be only more interesting and exciting. Every week, congress is making time to have people come talk about cybersecurity. So either they don't have a lot of things to do for the policy or they're just excited about cybersecurity.
VP, Director of Cyber Incident Response in Finance (non-banking), 10,001+ employees
This is an excellent question.  I think it's the maintenance of the plan itself.  Because even if you document the plan, and the processes to address the response, each security incident is unique enough that it will require you to update the processes involved.  So the moment you publish your plan, it's already out of date!
1 Reply
Senior IT Manager in Government, 10,001+ employees

Absolutely. I would say actually following it, and keeping it up to date and current, are the biggest challenges. Too many organizations create a plan, the stick it on a shelf until the next annual audit rolls around. It does you no good if you don't actually follow through from the plan.

Director of Technology Strategy in Services (non-Government), 2 - 10 employees
Communicating it in a way that makes sense to your people.
CIO / Managing Partner in Manufacturing, 2 - 10 employees
Getting senior executives fully on board and understanding it.
Director of Technology in Government, 501 - 1,000 employees
Overlooking physical security in your CyberSecurity plan could leave a major gap in your CyberSecurity posture.
Senior Information Security Manager in Software, 501 - 1,000 employees
Testing, and that the plan must be regularly updated.
Regularly could mean quarterly or more often.

Content you might like

Way more involved5%

Somewhat more involved47%

A bit more involved31%

Security’s current role is adequate10%

A bit less involved4%

Somewhat less involved1%

Way less involved1%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
43.6k views132 Upvotes319 Comments

Significantly increase usage6%

Somewhat increase usage44%

No change in usage48%

Somewhat decrease usage0%

Significantly decrease usage0%

Don't know yet - too soon to say2%


350 views1 Upvote