Having a cybersecurity incident or data breach in your company can be like being in a building on fire. Take a look at the following checklist (note, this is not an incident response plan!) while keeping in mind that over half of the items on that checklist should be performed almost simultaneously within hours of learning that your company has had a cybersecurity incident.
While this is not an exhaustive list, these are the items that most often need to be performed in the cases in which I guide clients through the incident response and remediation process. Of course, there will be exceptions, additions, and omissions — take this for what it is, a starting point. You can download the checklist here: Cyber Incident Response Checklist