Organizations today face an overwhelming volume, variety and complexity of cyber attacks. Regardless of the size of an enterprise or its industry, organizations must create and implement an incident response plan to effectively and confidently respond to the current and emerging cyber threats. In this second part of our three-part series on the topic, we examine the seven key components of a robust incident response plan, with exclusive and in-depth advice from a range of top experts, including consultants, in-house and outside counsel. Part one covered the types of incidents the plan should address, who should be involved and critical first steps to take in developing the plan, including references to sample plans and practical resources. Part three will explore implementation of the plan, evaluating its efficacy, pitfalls, challenges and costs. See also “Minimizing Breach Damage When the Rubber Hits the Road” (Feb. 3, 2016).