Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)

Essential Elements of an Incident Response Plan

CISO Thom Langford on Key Considerations for Creating and Testing an Effective Plan
Thom Langford, CISO, Publicis Groupe

Several polls find that a majority of businesses still don't have a formal incident response plan in place. Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting a plan: strong legal representation and a communications plan that considers both internal and external messaging.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

In a video interview at ISMG's recent Fraud and Breach Prevention Summit in London, Langford also discusses:

  • How frequently an incident response plan should be tested;
  • Considerations for updating a plan;
  • How to determine whether incident response can be handled in-house.

As CISO of Publicis Groupe, a French multinational advertising and public relations company, Langford is responsible for all aspects of information security risk and compliance as well as managing the group information security program. He's also responsible for business continuity capabilities across global operations. An international public speaker and award-winning security blogger, Langford contributes to a number of industry blogs and publications. He is also the founder of Host Unknown, which produces security education and infotainment films.

About the Author

Joan Goodchild

Joan Goodchild

Director of Multimedia Content, ISMG

Joan Goodchild is veteran writer and editor who has been covering security for more than a decade. Before joining ISMG, she was the editor-in-chief of CSO, where she led the team to several national awards, including an AZBEE (ASPBE) for website of the year and several Digital Eddie (Folio) awards for B2B website of the year. Her previous experience in business journalism includes roles as a broadcast and web editor with the Boston Business Journal and as a news writer covering the Windows OS with TechTarget. Prior to that, she worked as a television reporter and anchor for more than a decade. She has a master's degree in journalism from Northwestern University's Medill School of Journalism and is the recipient of an Edward R. Murrow award for investigative reporting.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.