This month of CISO Stories will look at the findings of a cross-sector task force of CISOs and staff who shared details of their incident management best practices, including incident response plans, playbooks, metrics, and business continuity plans.

The Incident Management Best Practices Guide presents a framework and components for the incident management program, including executive support, resources, stakeholder engagement, documented requirements and procedures (plans, playbooks), support systems and tools, training and testing, and continuous improvement metrics and actions. The Business Continuity Best Practices Guide includes sample BIA templates, a business continuity plan template, and guidance for tabletop exercises.

Practitioners will also connect the dots on how effective incident response and business continuity planning can continuously help to improve identity, application, cloud and network security, anti-ransomware efforts, zero trust, email security, threat intelligence, AI and third-party risk management.