2-2 Discussion: Roles and Responsibilities Matrix


 Imagine that you are in the middle of a large-scale cyber incident that will result in damage to your company’s infrastructure. You are responsible for incident management in your company. You break the glass and pull out your team’s incident response plan, which contains a roles and responsibilities matrix. You find it is out of date, incomplete, or inaccurate. What is your strategy to address this quickly so you can resolve the crisis and not get stuck in a cycle of analytical paralysis?