Incident response is the strategic, organized responsed an organization uses following a cyberattack. The response is executed according to planned procedures that seek to limit damage and repair breached vulnerabilities in systems.

IT professionals use incident response plans to manage security incidents. Having a clearly defined incident response plan can limit attack damage, lower costs, and save time after a security breach.

A cyberattack or data breach can cause huge damage to an organization, potentially affecting its customers, brand value, intellectual property, and time and resources. Incident response aims to reduce the damage an attack causes and help the organization recover as quickly as possible.