How you respond to a security incident can determine whether the problem gets fanned into flame or extinguished.

When companies plan their cybersecurity strategies, they often spend a lot of time discussing and testing various security solutions, backup and disaster recovery tools, and security awareness training options. All of these are vital components of a strong security posture, but they’re not the first thing companies should be thinking about. One of the most important foundational activities, and one that organizations tend to put off until it’s too late (i.e., post-incident), is creating a plan that details how your company would handle a security incident.

It might sound a bit defeatist to create a plan that assumes the security tools and services you’re about to invest in will fail to prevent a security incident, but it isn’t. First, not every security incident is a worst-case scenario like the Colonial Pipeline attack that resulted in a $5 million ransom payment. Often, an incident is something much smaller, such as a failed attempt to breach your defenses. Second, a small security incident can become a serious threat if the incident response isn’t handled properly. More on this point below.

Robert Kim, Chief Technology Officer at Presidio, helps organizations modernize with purpose by turning AI, cloud, and digital technologies into real business outcomes. As a strategic technology orchestrator, he guides clients through complexity with a strategy-first, value-led approach. Rob leads initiatives at the intersection of innovation and governance, ensuring secure, scalable, and sustainable digital ecosystems. Prior to joining Presidio in 2016, he held leadership roles across technology management and consulting, with expertise in sales engineering, business development, and operational excellence. He holds a Bachelor of Science from Penn State and an MBA from Drexel University.