How to prepare your team to address a significant security issue

“In the past year, several people have asked me some version of the question: “What should we do when there’s a cyberattack or security issue?” My first instinct is to suggest technical actions, such as “review your log files,” “disconnect devices from the network” or “rely on your backups.” I also want to ask for more details: “What sort of a problem? Ransomware? Pwned passwords? A corrupted website? Databases accessed? Files inappropriately shared? A DNS issue?” The technologist in me wants to troubleshoot the problem.” – read more at TechRepublic!