The National Institute of Standards and Technology (NIST) has released a new guide for handling all ranges of security issues. NIST has a great range of other publications to help in a great number of areas, especially technical and policy matters.
It’s a very well written document. Our friends from CERIAS contributed as well.
Even if you don’t have a CERT or have a security staff, this document will help you be prepared and make those tough decisions far in advance of a problem arising. The world is a different place these days. It’s not a matter of if you’ll have a problem sometime, but when. Being prepared is critical.