Which of the following is the MOST important action in recovering from a cyberattack?
Creation of an incident response team
Use of cybenforensic investigators
Execution of a business continuity plan
Filing an insurance claim
The most important key step in recovering from cyberattacks is the execution of a business
continuity plan to quickly and cost-effectively recover critical systems, processes and datA. The
incident response team should exist prior to a cyberattack. When a cyberattack is suspected,
cyberforensics investigators should be used to set up alarms, catch intruders within the network,
and track and trace them over the Internet. After taking the above steps, an organization may have
a residual risk thatneeds to be insured and claimed for traditional and electronic exposures.