Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Developing and Testing an Effective Breach Response PlanWhether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to:
-understand the technical environment,
-determine what types of incidents would trigger the plan,
-know which stakeholders need to be notified and how to do so,
-develop steps to contain the breach, collect evidence, and initiate recovery.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
User Rank: Apprentice
11/30/2017 | 11:14:16 PM
Understand that it's critical to understand what went wrong to cause the incident, but I feel it would be very insightful to understand who made the decision not to disclose the incident.
Where did that decision occur? At Uber's Board, CEO, Legal team. Even if that decision was left to the CISO then that's actually a damning indictment on their delegation of authority.
I understand that Uber want to offer up the CISO as the official 'scapegoat' but wow if the standard response to a major data breach is 'sack the CISO' then in not to long we will be faced with an understaffed industry having to fill strategic leadership positions potentially with highly skilled cyber security people that may not have had the training and experience to work at the strategic C suite level.
Jason