What are the steps involved in an organization's plan for a data breach?
What will be an ideal response?
Data breaches aren't guaranteed to happen, but they are likely to happen. As a result, organizations need to plan for data breaches. They need to rehearse what they will do when a breach happens. Executives, managers, and systems personnel must perform a walkthrough and discuss the specific steps each person will take after a breach occurs. This should be done as part of a broader business continuity planning session that discusses how to return the organization to normal operations as quickly as possible. As part of the planning process, organizations should form a computer security incident response team (CSIRT) consisting of staff from the legal and public relations departments, as well as executives and systems administrators. Coordinated pre-planning for an incident helps organizations avoid missteps like accidentally destroying evidence and issuing poorly worded data breach notices to users. Decisions must be made before the incident, not while it's happening.
Finally, as part of the planning process, organizations need to identify additional technical and law enforcement professionals that may need to be brought in to help handle the data breach. Evidence of the breach must be preserved, and the extent of the damage needs to be accurately measured.
You might also like to view...
Which of the following are the two types of general surveys?
A) periodic B) panel C) shared D) A and B E) B and C
Which of the following cultures is likely to be established, if the number of levels in an organizational structure is reduced?
A. inert B. egalitarian C. despotic D. autocratic E. totalitarian
An illusory promise is consideration for a return promise
a. True b. False Indicate whether the statement is true or false
A system that provides a real-time integrated view of a company’s core business processes through information sharing to tie together the critical components of an organization to achieve cross-functional collaboration is known as ______.
a. CRP b. ERP c. MRP II d. DRP