Fahmida Y. Rashid writes:
Investigating and recovering from security incidents are extremely stressful and time-consuming. Talking about what happened poses a different set of challenges, and many organizations struggle with effective communication.
Organizations are increasingly developing incident response playbooks to plan out in advance what steps to take in case of a security breach—such as an employees accessing files without authorization, a lost computer, or a server compromised by outside attackers. In many cases, these playbooks focus heavily on the technical details and the operational tasks needed to recover and get back to business, and don’t always go in-depth on how to communicate what is happening. A recent paper in the Computers and Security journal from a team of academics from the United Kingdom’s University of Kent and University of Warwick laid out a framework for how organizations should communicate after a security incident.
Read more on Decipher.