Security planning is a key component of an enterprise's overall information security strategy. It includes developing policies and procedures for incident response, IT and security staff, as well as for employees at large. It also includes building a incident response plan coupled with a forensic team capable of deconstructing the attack to its core components and actors. Finally, it requires forward-thinking defenses that can deflect an attack before it strikes. This Spotlight edition will address all of these issues and more, helping CISOs build a strategy to mitigate loss as quickly as possible.