Incident & Breach Response , Security Operations

Incident Response Plan: How to Decide on Your Risk Appetite?

2 Experts Share Their Views on How to Put IR Plans to Practical Use
(From left): Santosh Khadsare and Md. Sanowar Hossain

What should a good incident response plan contain, and how must enterprises decide on their risk appetite for a good IR plan? Two experts - Md. Sanowar Hossain, head of IT security at Mutual Trust Bank in Bangladesh, and retired Lt. Col Dr Santosh Khadsare, digital forensics and incident response expert from the Indian Army - discuss how to design an incident response plan.

See Also: Combat IT Team Burnout by Embracing Automation

One of the primary factors in drawing a good IR strategy, say the experts, is to understand the risk tolerance of your organization.

"We should do a detailed cost-benefit analysis as well as an analysis of risk. This has to be done in collaboration with business," Hossain says. He adds that only investing in security tools will not achieve the desired goal.

Khadsare says it is important to include predictive analysis in your incident response plan. "When we are speaking of risk tolerance, we need to include reactive, proactive as well as predictive analysis. It also depends on the industry culture and financial strength of an organization. All these factors need to be included when we are speaking about risks," he says.

In a video interview with Information Security Media Group, the Hossain and Khadsare also discuss:

  • How to build cyber resilience;
  • How to prepare playbooks for different incidents;
  • The important tools needed to create an IR strategy.

Hossain is head of IT security at Mutual Trust Bank in Bangladesh. He has more than 22 years of diversified experience in information technology, cybersecurity, IT service management and project management.

Lt Col Khadsare is a digital forensics and incident response expert who has retired from the Indian Army. He has more than 23 years of experience in the field of digital forensics, cyber laws, cyber audit and incident response.

About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.