Technology Planning: Incident Response

Research Hub > Technology Planning: Incident Response
The Process of Improving Security
May 28, 2020

Developing a comprehensive incident response strategy is a key component of any organization’s security program, but it requires a thoughtful approach and point-by-point plan.

Working with CDW on Improved Incident Response



Prepare for the inevitable by developing a plan to more effectively respond to an incident.

  • Secure executive buy-in.
  • Identify your organization’s most valuable assets.
  • Perform a risk assessment and address identified gaps.
  • Create a threat model to understand the types of incidents your organization is most vulnerable to and their potential impact.
  • Identify compliance and reporting requirements.
  • Properly define roles and responsibilities and establish a communication plan to be used during an incident.
  • Develop an incident response plan, including processes and procedures.
Image of woman using a laptop to video chat.
Image of a man looking at computer screen.


Security teams need the right instrumentation to detect, contain and eradicate threats.

  • Consult an expert to identify gaps that exist within your existing security instrumentation.
  • Invest in endpoint detection and response (EDR) and next-generation anti-virus (NGAV) solutions to provide comprehensive visibility into endpoint activity critical to detecting, investigating and mitigating advanced cyberthreats.
  • Centralize logs and leverage an event log management solution to detect and investigate unusual or suspicious activity across the enterprise environment.
  • Collect network telemetry to identify and track anomalous network traffic and baseline deviations.
  • Minimize the attack surface of your environment through comprehensive vulnerability management solutions.


Organizations and threats constantly evolve. Conduct regular reviews of your incident response program.

  • Conduct regular reviews of your incident response plan and update it as necessary.
  • Leverage purple team and tabletop exercises to validate the efficacy of your incident response program.
  • Never let a good incident go to waste. Learn from security incidents within and outside your organization.
  • Stay abreast of the latest trends and attacker techniques and adapt your incident response program as necessary.
Close up image of a woman using tablet device.

Next step: Call CDW to get started with Incident Response.

Cybersecurity Assessments

Root out risks with
CDW Cybersecurity Assessments.

Security Services

Get critical insight into your organization’s security risk with
CDW Cybersecurity Assessments.

Discover how CDW can help improve your incident response plan.

Contact your account manager, or give us a call.


Discover how CDW can help improve your incident response plan.

Contact your account manager, or give us a call.

You May Also Like

White Paper
What Is GDPR, and How Does It Affect Retailers?
A major regulation went into effect this year to govern how organizations that do business in the European Union handle data. Here's what you need to know.
Why a Risk-Based Approach Yields Effective Security
A holistic assessment of threats and vulnerabilities helps an organization appropriately prioritize and mitigate its risks.
Smarter Security Addresses Evolving Threats
Artificial intelligence and data analytics are improving the performance of endpoint security solutions.