If you work in incident response, you’ll recognize this scenario all too well: It’s Friday night and you just started the book you’ve been keen on reading for a couple of weeks when suddenly, you hear your beeper buzzing. The display reads that the security operations center (SOC) escalated a security incident for an intrusion taking place on your company’s customer database.
Not to worry, though. You prepared for the possibility of a data breach and have an incident response plan ready for this kind of incident. Your team is well aware of the data breach risks associated with possible unauthorized access to the customer database. Your plan includes how to escalate matters to management, how to report issues to your data protection officer (DPO) and instructions for the IT team to preserve evidence, contain the threat and recover from the incident.
There’s nothing more to do, right? Not quite.
Take Control of Incident Response Communication
Incident response processes often only focus on the technical aspects of proper procedure. While we’ve already included escalation points to management and can foresee direct lines with the legal and human resources departments, there’s one crucial element that is frequently overlooked: communicating with your stakeholders.
One common data breach risk is this type of news spreading fast, and it’s often uncontrolled. Your incident response training and plans can prepare for a data breach, but they will not help you if, as a result of a miscommunication, your entire focus is on damage control instead of expla ..
Support the originator by clicking the read the rest link below.
