Which strategy is emphasized for maintaining operations during a security incident in DSAC Annex B?

The emphasis on proactive incident response plans as a strategy for maintaining operations during a security incident underscores the importance of preparedness and readiness. Proactive incident response plans are designed to address potential security incidents before they escalate into more significant threats. They include predefined procedures, roles, and responsibilities, which facilitate swift actions when a security breach occurs.

These plans help organizations identify risks, assess their impact, and determine the necessary steps to mitigate those risks effectively. By focusing on proactive measures, organizations can minimize downtime, protect critical assets, and ensure continuity of operations. This can involve regular training, simulations, and updates to the plans based on evolving threats, ensuring the organization remains resilient against potential incidents.

In contrast, the other strategies may provide benefits in their respective domains but do not directly address the immediate operational requirements during a security incident. Employee wellness initiatives can positively impact morale but do not specifically maintain operations during an incident. Cloud-based data storage solutions enhance data accessibility and security but are not a strategic response framework. In-house disciplinary measures relate to employee conduct and do not facilitate operational continuity during a security incident.