What to Do in the Event of an Actual Information Breech

What to do in the Event of an Actual Information Breach

What to do in the Event of an Actual Information Breach

DeVry University

SEC340

Prepared for David Morgan

11/19/2012

DeVry University

SEC340

Prepared for David Morgan

11/19/2012

What to do in the Event of an Actual Information Breach

If an incident is discovered on your company’s network that most resembles a possible violation of personal information, will your employees be equipped with the appropriate knowledge and ability to eliminate the inherent risks early and efficiently? These are challenges that organizations face every day and the consequences can be devastating if not properly handled. For these reasons, as well as others, it is essential to have a well-designed plan already established to help reduce the loss of data that can occur due to these unfortunate events. However, planning for the attacks is only one part of the defense. The second part of the plan is having properly trained staff ready to respond at a moment’s notice standing on the sidelines.

It is imperative for the organization to determine the nature of the incident in order to carry out the appropriate steps to gain control of the situation in a form that contains the event while at the same time, preventing further incidents from taking place. There are four main steps in responding to a breach or a suspected breach.

STEP 1 - CONTAINMENT

In order to contain a potential incident, five key actions must be taken. These actions include reporting, assessing, containing, documenting and briefing (White, n.d.).

As soon as an conflict is discovered, it needs to be reported immediately to the Security Department. This department will be available 24 hours a day specifically for these types of events. The Security Department will forward the message of a possible attack to the Chief Information Security Officer (CISO). Unless the violation is damaging the system or hurting the...