KuppingerCole Report
Leadership Brief
By Christopher Schütze

Incident Response Management

The probability of becoming a victim of a data breach is now higher than ever. The hyperconnected world and the ever-increasing complexity of modern IT systems and processes pose new challenges for IT staff. All organizations must invest in an Incident Response Management plan. Preparation is essential and ensuring that everyone knows what to do can significantly reduce the impact of a cybersecurity incident.

1 Executive Summary

Ensuring the availability of digital services in the event of a cyber-attack is a fundamental part of a company’s cybersecurity approach. Organizations need to prepare for being the victim of an attack. The chance of being hacked is significantly higher than in years previous, with the size of the company having little to no influence on the probability of being targeted.

Ransomware attacks, for instance, can shut down an entire enterprise and the attackers will attempt to blackmail you to pay a ransom to regain access to your data. Classic attacks via malware or hijacking of a privileged user’s account can lead to data breaches that threaten the very existence of your business, if all your customer data or other sensitive data is leaked and made publicly available.

For such worst-case scenarios, a concrete plan and organizational structure must be defined, to ensure that the impact of the attack and the harm to the company can be minimized.

This Leadership Brief discusses how Incident Response Management (IRM) should be set up and what the most important quick wins for your organization are.

2 Analysis

Organizations typically invest a lot of resources to prevent attacks and continuously monitor for signs of intrusions. Multiple security products are ...

The goal in the prevention phase is to continuously update operating systems, applications, and frontline security tools such as Endpoint Protection ( ...

After the triage, the IRM team must contain and eradicate the threats. The appropriate level of access permissions must be available to the IRM analys ...

Login Get full Access

3 Recommendations

Cyber-attacks can pose existential risks to companies. Implementing Incident Response Management can help minimize those risks and prevent long-term h ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.