Regulatory frameworks from PCI-DSS to NERC-CIP  to  the newly minted NIST CSF 2.0 each require organizations of all sizes to have cyber incident response plans.  Most of us who have spent any time in cubicle filled office towers are familiar with fire drills to clear the building and gather staff at muster points, and that is as close as we get to the real thing.  Unfortunately that same lucky streak will   Unlike a fire drill, recent research estimates 85%  of businesses will expereince a cyber incident annually,  and many will find short-comings in their incident response plan. This episode explores a couple of recent news-worthy Canadian Cyber incidents, challenges with incident response plans and as always, how to use ESRM principles to further your program, even in a time of crisis.