Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes (Source)
A security incident response plan is a set of instructions to help IT staff detect, respond to, and recover from network security incidents.
Its purpose is to establish and test clear measures that an organization could and likely should take to reduce the impact of a breach from external and internal threats
A Security incident response plan is a set of instructions to help IT staff detect, respond to, and recover from network security incidents.
These types of plans address issues like cybercrime, data loss, and service outages that threaten daily work.
In this case, let us discuss a very common situation where a device is stolen that contains confidential client information. This happens more often than we can imagine.
What do you need to set up this process?
A start is usually an intelligent form on your Self-Service Portal that allows your End-Users to register a Security Incident. This form can also be used by your Specialists (Agents) at the ServiceDesk when they are contacted via Telephone.
Intelligent Workflows will trigger the necessary actions within your IT Organization to have the stolen device reported and replaced while in parallel the Security Organization needs to follow their internal processes to figure out what kind of information has been compromised, notify the necessary internal and external authorities and last but not least also notify the Client whose information has been compromised.
As this might be a situation that could damage the reputation of your company, it is very much advised that each and every step in the process is correctly monitored, reported on and followed-up by leadership.
The full presentation deck is available now :
Comments