Cyber Incident Response Planning (CIRP) for Project Managers
ADVISORY ARTICLE
By Nazy Fouladirad
California, USA
Project managers play an important role within an organization and can be tasked with a wide range of assignments, from rolling out new technology investments to spearheading cloud adoption strategies.
At some point in their careers, some project managers may be called upon to assist with critical incident response planning and execution. With the increasing number of cybersecurity breaches in all industries, having a strategy in place is vital for ensuring the business has a clear path to follow when faced with a major cybersecurity crisis. And sticking to that path is essential.
While a PM should not be responsible for building an IR plan, they may be asked to help execute one. Below, we’ll cover the essential elements of an effective Cyber Incident Response Plan (CIRP) and the role that project managers may be asked to play along the way.
Preparation Phase
One of the most important elements of a CIRP is the planning and preparation phase. This is where project managers may work with their IT and security teams to ensure that a thorough risk assessment is carried out. They may also need to gather the information needed to build the plan.
Part of this phase may involve documentation of all critical infrastructure assets and assembling a dedicated response team. Each team member should be given clear instructions on the role they’ll play during an incident response. Define procedures and document the step-by-step processes for different types of breaches.
Other priorities in this phase include developing crisis communication protocols. This involves establishing clear guidelines for both internal and external stakeholders. Have pre-drafted public statements ready in advance to distribute immediately and mitigate any potential damage to public perception.
Detection & Analysis
Having tools in place for quick threat detection and analysis as part of your CIRP can mean the difference between faster resolutions and several days or even weeks of system downtime. Your IT and security teams are likely incorporating network activity monitoring solutions that are designed to flag unusual activity as it occurs.
When an alarm does trigger, it should initiate specific tasks for security response teams, who can quickly investigate the situation and determine whether it’s an anomaly or something that needs to be acted on.
How to cite this article: Fouladirad, N. (2025). Cyber Incident Response Planning (CIRP) for Project Managers, PM World Journal, Vol. XIV, Issue X, October. Available online at https://pmworldlibrary.net/wp-content/uploads/2025/10/pmwj157-Oct2025-Fouladirad-Cyber-Incident-Response-Planning-for-project-managers.pdf
About the Author
Nazy Fouladirad
California, USA
Nazy Fouladirad is President and COO of Tevora, a global leading cybersecurity consultancy. She has dedicated her career to creating a more secure business and online environment for organizations across the country and world. She is passionate about serving her community and acts as a board member for a local nonprofit organization.