Skip to main content
IR - Incident Response

IR - Incident Response

CYBERSECURITY DICTIONARY

IR - Incident Response

IR is actions a company takes to manage the aftermath of a security breach or cyberattack.

The goal is to have a plan to manage the situation in a way that reduces recovery time and costs and limits damage to both technology infrastructure and corporate reputation. The most effective Incident Response plans have been formalized and practiced (perhaps through tabletop simulations) in advance of a true emergency. Common activities in Incident Response include identifying/containing/eradicating the issue, and recovering the impacted systems. It may also involve the PR and Legal teams if public breach notification is required or some sort of legal risk is created. Finally, a good IR plan involves taking note of lessons learned and using that knowledge to help prevent future incidents.

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.

Explore the Dictionary

Related Assets

August 24, 2017

Enterprise Incident Management Brief

Learn how Optiv’s workshop helps security leaders evolve their technical incident response practices to broad scope enterprise incident management.

See Details

October 08, 2018

3 Key Ways To Improve Your Incident Response

As attack surfaces expand it is critical for enterprises to develop and implement a proactive incident response (IR) plan that combats an increasing l...

See Details

December 14, 2016

Threat Hunting and Incident Response

Proactively examine your organization’s IT infrastructure with a focus on identifying signs of a potential compromise, active breach activity or malic...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.