KPMG’s Forensic team has identified 10 major mistakes that can cripple an organization’s response effort to data breaches, cyber-attacks and other security events.
The mistakes, detailed in the document '10 Common Cyber Incident Response Mistakes', are as follows:
1. Plans are not tailored to the organization
2. Plans are only used in real-world incidents
3. Teams are unable to communicate with the right people in the right way
4. Teams lack skills, are wrong-sized, or mismanaged
5. Help desk activities can destroy critical evidence
6. Incident response tools are inadequate, unmanaged, untested or underutilized
7. Data pertinent to an incident is not readily available
8. There is no 'intelligence' in the threat intelligence provided to incident responders
9. The incident response team lacks authority and visibility in the organization
10. Users are unaware of their role in the security posture of the organization.
Read the document (PDF).