Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Who 'owns' an investigation into a security breach?

Taylor Armerding | March 3, 2015
Experts agree that ownership of an investigation depends on what happened, but an advisory council says no matter who owns it, it needs ‘Unified Risk Oversight’ to be effective.

Regarding planning, Mason said no matter who is overseeing investigations and who the stakeholders are, "they should be meeting regularly -- one or two times a month -- to discuss issues and how things are being handled and who may need assistance. The dialogue is especially critical these days as threats continue to morph."

He added that every department in an organization, even if it is not directly involved in an investigation, should be, "immediately available to assist. And transparency -- as much as possible -- should be exercised in regards to communicating status to outside teams on the investigation."

And regarding practice, Carlo Guerriero, cybersecurity and privacy expert at PwC, said, "it is paramount that organizations continuously develop and test their incident response plans."

 

Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.