Incident Response Guideline for SMEs
Cyber attacks evolve rapidly as the costs and efforts required for hackers to launch attacks are decreasing due to the development of automation and computing powers. This leads to increased cyber attacks targeting different organisations (including public or private, multinational or local organisations). As most small and medium enterprises (SMEs) lack the resources to build a wider scope of cyber defence to prevent or block cyber attacks, this makes them an easy target.
To address the above-mentioned issues, HKCERT has developed the “Incident Response Guideline for SMEs” to help SMEs and other organisations to:
- Maintain and maximise their systems’ defences with limited resources
- Minimise business and financial impacts in cyber incidents
- Prevent and minimise the reoccurrence of similar cyber attacks
This Guideline defines and explains the Incident Response Life Cycle, and outlines the tasks to be performed before, during and after security incidents. It also includes advice on setting up a security framework in the organisation, defining roles and responsibilities, etc. Moreover, the key steps for handling common incident scenarios are highlighted to guide the organisation to fast-absorb different steps in response to security incidents.
In addition, the Guideline aims to help non-technical readers to easily absorb and understand how to create a proper incident handling procedure for their organisations through the following:
- Scenario questions to formulate incident response procedure
- Standard Operating Procedure for different incident scenarios
- Incident Handling Checklist
- Incident Response Procedure Template
Please click “Incident Response Guideline for SMEs” to download. Should users have any comments or enquires about the guideline, they are most welcome to contact HKCERT via email: [email protected] or its 24-hour telephone hotline: 8105 6060.