//////////////////////////////////////////////////////////////////////////
The team also needs to understand what
information not to share, duplicate or make
available outside of a secure and trusted
inner circle. For example, if you are building
a component for a government contract
and there is a suspicion that designs have
been inappropriately accessed, sharing the
blueprints with incident team members is
inappropriate. The data may have been
privileged before the incident and the policy
for its control must continue to be monitored
and adhered to during an incident response.
Just because it may have been leaked does
www.intelligentcio.com
not remove existing security procedures
and teams need to learn how and what to
communicate. The same would be true for
credit card or other personally identifiable
information. Just because it may be leaked
does not mean the files should be treated with
any less security moving forward including
putting the data on an insecure share for
preservation. Teams need to learn how to talk,
know what can and can’t be said, and what
can and can’t be shared. Data transparency
during an incident needs to be considered
during the social aspects of any response plan.
FEATURE: DISASTER RECOVERY
Morey Haber, Chief Technology Officer
at BeyondTrust
INTELLIGENTCIO
53