Security Slideshow: Responding to a Security Crisis

By Mike Theriault  |  Posted 06-17-2010

Responding to a Security Crisis

1. Review Compliance Documents
Be ready to demonstrate compliance to avoid fines and regulatory action.

2. Call Your Incident Response Team
Beyond IT, members may include attorneys, senior execs, PR, HR, and representatives from each affected business line.

3. Assess the Damage
Determine who and what is or may be affected and the potential effect on your business.

4. Notify Stakeholders
Consultants, regulators, and law enforcement should know ASAP; in most states, you have 30 days to disclose to customers.

5. Identify the Cause and Minimize the Damage
Unless a breach is actively hurting business, delay fixes until cause and potential impact are understood.

6. Emergency Situations
Unplug susceptible servers and storage systems, disconnect media devices if malicious code is suspected.

7. Document the Incident
Record everything, from detection through response, to speed rebuilds and aid prosecution of the perps.
