Incident Response Plan – Healthcare Organization


Resolute was engaged by a healthcare organization to refine and update its cybersecurity incident response plan. The organization, which includes several hundred employees and contractors, has a uniquely large universe of stakeholders due to its healthcare partnerships with local governments and community-based health centers.

Strategy and Tactics: 

Resolute saw this as a strategic opportunity to strengthen the coordination between the operations and communications in the existing plan and develop a more holistic, resilient response to a cybersecurity incident.

Resolute began the engagement by assessing the existing incident response plan to identify any communications gaps or issues with the operational processes. After completing the initial assessment, Resolute conducted interviews with members of the organization’s incident response team to gain a better understanding of the organization’s technical capabilities, data infrastructure, and breach notification requirements.

In coordination with the organization’s cybersecurity incident response team, Resolute identified scenarios, ranging from common to severe cybersecurity incidents, that the organization might face. For these scenarios, Resolute prepared tailored key messages and a suite of communications materials to be deployed to the organization’s stakeholders – ranging from talking points for employees and emails for customers – in the event of an incident.

Resolute drafted the communications in a way that ensures the organization can easily tailor and supplement them with real-time details during an incident. The goal was to create a robust incident response plan that accounts for several different scenarios. This accelerates notification to key stakeholders during an incident and streamlines a difficult decision-making processes.

A key component of the organization’s response plan – these pre-written and pre-approved materials will allow the organization to more quickly manage and respond to a potential incident – no matter the severity.


Resolute is in the process of introducing the comprehensive plan to the organization’s incident response leaders. The newly updated plan will be rolled out across the organization and be continuously refined with lessons learned from the organization’s regular tabletop exercises.


  • Incident Response Plan Assessment
  • Incident Response Communications


Partner & Chief Operating Officer