Outline should include actions such as
- taking the affected systems offline, repairing damage, and restoring systems
- identifying and deactivating compromised accounts
- identifying compromised systems
- installing a patch or update to eradicate the vulnerability
- contacting affected individuals (e.g., system administrators, employees, clients or patrons)
- contacting law enforcement
- reviewing lessons learned through the breach to prevent future breaches.
Process/Skill Questions:
Thinking
- What is the protocol when an organization's data is breached?
- Who would evaluate an organizational data breach?
Communication
- What communication methods can be used in outlining a response to an organizational data breach?
- What are communication tools to use in the event of an organizational data breach?
Leadership
- Why is it critical to evaluate an information breach?
- What leadership skills should be used in communicating the effects of an organizational data breach?
- How can leadership provide remedies for those affected by an organizational data breach?
Management
- How can an organization forecast and address the consequences of a data breach?
- When can an organization determine the existence of a data breach?