Top Five Considerations for Deciding Whether to Insource or Outsource Incident Response

Every organization’s cybersecurity strategy needs to include an incident response (IR) plan. Whether recovering from a ransomware attack or a compromised email, there are many aspects involved in responding to a cyber incident—such as containment, intra- and inter-department coordination, threat mitigation, business and data recovery, and after-action cleanup.

The National Institute of Standards and Technology (NIST) Incident Handling Guide is still a go-to resource today in helping security leaders make this critical decision. Check out Fortinet’s five questions to consider based on NIST’s guidance to help you determine whether to insource or outsource IR.