Many organizations are coming to terms with the troubling fact that they will fall victim to a cyber attack at some point, if they have not already. An effective incident response plan can be one of the best tools to mitigate the impact of an attack – it can limit damage, increase the confidence of external stakeholders and reduce recovery time and costs. The Cybersecurity Law Report spoke with a range of top experts, including consultants, in-house and outside counsel, who answered some of the tougher practical questions that are typically left unanswered in this area. They shared in-depth advice on the subject based on their own challenges and successes. In the first article of this three-part series, we cover what type of incident the plan should address, who should be involved and critical first steps to take in developing the plan, including references to sample plans and practical resources. Parts two and three will examine key components of the plan, implementation, evaluating its efficacy, pitfalls, challenges and costs. See also “Minimizing Breach Damage When the Rubber Hits the Road” (Feb. 3, 2016).