Based on the NIST Framework, every company should implement an incident response plan in case of breaches and data leaks.
For more information about the NIST Framework, see the following website: https://www.nist.gov/topics/information-technology
The plan must be a general governance plan approved and supported by general management.
In summary, the plan should include 10 steps, preceded by a brief introduction of the company strategy and the commitment of the board committee supporting the plan.
The steps are:
- Prevention
- Planning
- Preparation
- Detection
- Analysis
- Containment
- Communication
- Eradication
- Recovery
- Post-Event analysis
All parts should be fully documented.
To begin, a special task force should be created and led by a designated referent.
The committee has to get the endorsement of the Board and the executive committee.
If you are interested, I have made the complete incident response plan for the Sony Hack that happened in 1994. The full analysis was part of my final submission to a course from which I graduated at Harvard University in 2019.
Furthermore, all parts in the previous list are important, but some are more so. Crisis communication is one aspect that companies forget to emphasize and to secure. Especially when you are publicly traded, the objective of this part is to handle all external outcomes of the hack and the communication of data leaks to the community.
A global risk mitigation plan, including the analysis of the incident response plan, is also available.
Please feel free to contact me at Damian